Securing your data is critical to our business. We’re constantly working to protect your information and prevent unauthorized account access.
Overview
The Impact Growth Portal is the platform designed and built by Impact Growth Capital (“IGC”) Investments to provide our Investors with the services and tools that make investing with us a unique experience. We take the security of our users’ data seriously, and consciously take steps to ensure all information remains secure. To achieve this, we use Amazon Web Services (AWS), the world’s largest and most trusted cloud computing services provider, as the platform upon which we built the portal. By using AWS, we benefit from the security certifications AWS has obtained, including ISO 27001 certification, ability for Level 1 service provider under the Payment Card Industry (PCI) Data Security Standards (DSS). AWS undergoes annual SOC 1 audits and has been successfully evaluated at a moderate level for U.S. Federal government systems as well as DIACAP 2 for U.S. Department of Defense systems.
For information on AWS procedures, facilities, and certification, please see https://aws.amazon.com/security.
Encryption
All external traffic between the users and the web application (between user and web server) is over a 2048 bit SSL connection or encrypted via SSH. All passwords and sensitive personally-identifiable information are encrypted at rest. Additionally, the IGC Investor Portal uses Extended Validation (EV) certificates, which are single-domain Secure Sockets Layer certificates that offer the highest degree of authentication and documentation checks.
Data Access
Our support team maintains an account on all cloud systems and applications for the purposes of maintenance and support. This support team accesses hosted applications and data only for purposes of application health monitoring and performing system or application maintenance, and upon customer request via our support system. Within IGC, only authorized employees have access to application data. Authentication is done via Multi-factor authentication provided by Amazon’s Identity and Access Management (IAM) platform and uses a combination of passwords and security tokens.
Portal user accounts are designed to allow application data to be accessible only with appropriate credentials, such that one customer cannot access another customer’s data without explicit knowledge of that other customer’s login information. Customers are responsible for maintaining the security of their own login information.
The support team monitors the IGC Investor Portal platform 24×7.
Privacy
IGC Investments understands the importance of ensuring the privacy of your personally identifiable information. For more information, please see our Privacy Statement.
Review and Compliance
IGC is committed to staying up-to-date with the latest best practices, regulations, and standards regarding the security of our system. To that end, periodic security scans and penetration tests are performed on the system by approved 3rd parties. Any vulnerabilities found are addressed with criticality as part of ongoing bug-fix and feature releases that enhance and improve the platform.
For more information or questions, please contact us.
Subscribe
Subscribe to receive the latest Origin articles about commercial real estate investing concepts, industry news and market trends, as well as occasional company updates.