A secure system is one where every layer is rigorously protected, collectively ensuring a robust security posture. At PacerPro, we recognize that cloud security is built on cloud-native best practices and a Shared Responsibility Model (SRM). Therefore, we continuously analyze, refine, automate, and enhance visibility into the complex security responsibilities of various layers within our applications - as well as those of our cloud providers and customers - to ensure the highest levels of protection for our customers’ data.
Understanding the Shared Responsibility Model (SRM)
PacerPro’s cloud security operates on a shared model, where responsibilities are divided among us, our cloud service providers and our customers.
Understanding the Shared Responsibility Model (SRM)
PacerPro’s Responsibilities: As a cloud-based solution, PacerPro ensures robust security measures at the application and operational levels, bridging our cloud-provider and customer security responsibilities.
Cloud Provider Responsibilities: Infrastructure security, physical data center security, and foundational services compliance.
Customer Responsibilities: Access control, user management, SSO, and secure usage of cloud services.
How PacerPro Keeps Your Data Secure
Zero Trust Model
PacerPro follows the security Zero Trust Model. This model assumes that no user, device, or application should be trusted by default, requiring strict verification and authorization for every access request and enforcing security policies based on the principle of least privilege.
SOC 2 Compliance
PacerPro has achieved SOC 2 Type I and Type II certifications, demonstrating our commitment to industry-standard security controls. These audits in compliance - since October 2022 - validate our ability to safeguard customer data against unauthorized access and breaches.
Single Sign-On (SSO) & Access Controls
We integrate SSO authentication to enhance security and streamline user access. This reduces password fatigue while ensuring strict access management.
Data Encryption & Protection
All data processed by PacerPro is encrypted in transit and at rest, safeguarding sensitive information from unauthorized interception. Additionally, our policies and the document take-down request feature ensure that no sealed documents are stored within our systems.
Continuous Monitoring & Threat Detection
We employ real-time security monitoring, automated alerts, and threat detection systems to identify and mitigate potential risks before they can impact our customers.
Regular Security Audits & Improvements
PacerPro continuously refines its security posture through routine security assessments, penetration testing, and compliance checks to stay ahead of evolving threats.
PacerPro was the first in our space to achieve SOC 2 compliance - obtaining certification for Type I in 2022 and Type 2 in 2023. This milestone demonstrates our commitment to safeguarding client data and streamlines the onboarding process for firms with stringent security requirements.
Anna McGrane Chief Executive Officer PacerPro
Best Practices for Customers
While PacerPro implements rigorous security measures, customers also play a vital role in maintaining a secure environment. We recommend the following.
Consider integrating with SSO and enable Multi-Factor Authentication (MFA): Add an extra layer of authentication to protect against unauthorized access.
Regularly review user access: Ensure only authorized personnel can access critical data.
Keep credentials secure: Never share login details, and use strong passwords.
Stay Informed on Security Best Practices: Continuously educate yourself on cybersecurity threats and mitigation techniques.
Commitment to Ongoing Security
At PacerPro, we are dedicated to improving our security posture through ongoing investments in technology, compliance, and customer education. If you have security concerns or questions, our support team can assist you at security@pacerpro.com.
Integrating security into various layers such as design, development, and operations at PacerPro has been both an organic and deliberate mission. Achieving SOC 2 compliance early, when our team was small, enabled us to seamlessly embed cloud-native best practices and a shared security model into our evolving culture. So, security goes beyond policies and processes - it is a core value that every team member is equipped to champion.