TOTAL EXPERT TRUST CENTER
with Best-in-Class Data Security
Total Expert is committed to flawless data security. We deploy best-in-class technologies and processes to safeguard all of your information, whether it’s in transit, in use or at rest.
Our security approach
Our approach to security is informed heavily by the NIST Cybersecurity Framework, AWS Well-Architected Framework and other relevant and widely recognized industry standards. In addition, Total Expert is American Institute of CPAs (AICPA) SOC2 compliant, which means the design and operating effectiveness of our controls meet rigorous standards.
While our platform offers exceptional data security, those controls do not create friction for authorized users. Total Expert can leverage your single sign-on (SSO) provider to enforce enterprise-specific policies. This includes offering SSO capabilities that greatly simplify the login process for your users, while providing the additional security of multi-factor authentication (MFA). These identity systems allow you to not only control access to your data, but also manage precise privileges. You can be confident users are only given the access they need to do the task at hand.
Continuous monitoring of authorized sessions
We leverage adaptive authentication technologies to ensure the identity of authorized users. This includes key security considerations, like device reputation, user location, IP address and user behavior. We also monitor every session to make sure users only access data that matches their privileges — and to ensure sessions aren’t hijacked via man-in-the-middle attacks.
Shared responsibility model
Total Expert provides you with the tools and support you need to ensure that all of your users engage in appropriate and compliant use of our platform. As a customer, you have everything you need to coach users and ensure they are protecting customer data in your day-to-day operations. Total Expert and its technology partners assume full responsibility for the security of the platform itself. This Shared Responsibility model is built on best practices refined over years of deployment.
Beyond digital: strong physical security
Total Expert partners with Amazon Web Services (AWS) as our infrastructure provider. This means your data is hosted in U.S.-based data centers that feature 24/7 physical security. These data centers are protected with best-in-class security systems that carry SOC2 and ISO certifications. Physical protection of your data is every bit as strong as our virtual safeguards.
We use automated auditing tools to track precisely who accesses your data, when it’s accessed and when it’s updated. Our audit trails also show which automated processes are acting on your data. In addition to providing you with control and visibility, these audit trails help simplify compliance processes.
TCPA and CAN-SPAM
Email and text (SMS) are staples in most marketing programs. While they’re convenient, they’re fraught with compliance risks. Total Expert’s email and texting systems feature automated workflows for approvals, reporting and auditing, so you know messages are reaching people in the ways they approve.
Staying Compliant with the CCPA
Total Expert is an approved service provider under the California Consumer Privacy Act (CCPA). We process personal information only on behalf of our customers, pursuant to written contracts. Those contracts, which are already in place, permit Total Expert to process our customers’ data only for the purpose of providing our services. While we process personal information transmitted through our network, we never sell that information to third parties.