{"id":32815,"date":"2025-09-27T02:28:48","date_gmt":"2025-09-27T06:28:48","guid":{"rendered":"https:\/\/mtechsystems.io\/?page_id=32815"},"modified":"2025-11-06T09:59:19","modified_gmt":"2025-11-06T14:59:19","slug":"security-measures","status":"publish","type":"page","link":"https:\/\/mtechsystems.io\/es\/legal\/security-measures\/","title":{"rendered":"Medidas de seguridad"},"content":{"rendered":"\t\t<div data-elementor-type=\"wp-page\" data-elementor-id=\"32815\" class=\"elementor elementor-32815\" data-elementor-post-type=\"page\">\n\t\t\t\t<div class=\"elementor-element elementor-element-cae975f e-flex e-con-boxed e-con e-parent\" data-id=\"cae975f\" data-element_type=\"container\" data-e-type=\"container\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t\t\t<div class=\"elementor-element elementor-element-0fdab8e elementor-widget elementor-widget-heading\" data-id=\"0fdab8e\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t\t<h1 class=\"elementor-heading-title elementor-size-default\">Security Measures<\/h1>\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-236cd99 e-flex e-con-boxed e-con e-parent\" data-id=\"236cd99\" data-element_type=\"container\" data-e-type=\"container\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t<div class=\"elementor-element elementor-element-f69b492 e-con-full e-flex e-con e-child\" data-id=\"f69b492\" data-element_type=\"container\" data-e-type=\"container\">\n\t\t\t\t<div class=\"elementor-element elementor-element-e4a0924 elementor-widget__width-initial elementor-widget elementor-widget-ucaddon_list\" data-id=\"e4a0924\" data-element_type=\"widget\" data-e-type=\"widget\" data-settings=\"{&quot;sticky&quot;:&quot;top&quot;,&quot;sticky_on&quot;:[&quot;widescreen&quot;,&quot;desktop&quot;],&quot;sticky_offset&quot;:90,&quot;sticky_anchor_link_offset&quot;:90,&quot;sticky_parent&quot;:&quot;yes&quot;,&quot;sticky_effects_offset&quot;:0}\" data-widget_type=\"ucaddon_list.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\n<!-- start List -->\n\t\t<link id='font-awesome-css' href='https:\/\/mtechsystems.io\/wp-content\/plugins\/unlimited-elements-for-elementor-premium\/assets_libraries\/font-awesome6\/fontawesome-all.min.css' type='text\/css' rel='stylesheet' >\n\t\t<link id='font-awesome-4-shim-css' href='https:\/\/mtechsystems.io\/wp-content\/plugins\/unlimited-elements-for-elementor-premium\/assets_libraries\/font-awesome6\/fontawesome-v4-shims.min.css' type='text\/css' rel='stylesheet' >\n\n<style>\/* widget: List *\/\n\n\n\n#uc_list_elementor_e4a0924{\n  display:grid;\n}\n\n#uc_list_elementor_e4a0924 .ue-list-item\n{\n  display:flex;\n}\n\n#uc_list_elementor_e4a0924 .ue-list-item a{\n  width:100%;\n}\n\n#uc_list_elementor_e4a0924 .ue-list-item-image img\n{\n  max-width:100%;\n}\n#uc_list_elementor_e4a0924 .ue-list-item-text *{\n  margin-bottom:0px;\n}\n\n#uc_list_elementor_e4a0924 .ue-list-item-index\n{\n  flex-grow:0;\n  flex-shrink:0;\n  display:flex;\n  align-items:center;\n  justify-content:center;\n  line-height:1em;\n}\n\n#uc_list_elementor_e4a0924 .ue-list-item-index svg\n{\n  height:1em;\n  width:1em;\n}\n\n#uc_list_elementor_e4a0924 .ue-list-item-content\n{\n  flex-grow:1;\n}\n\n<\/style>\n\n<div id=\"uc_list_elementor_e4a0924\" class=\"ue-list uc-items-wrapper  \"  >\n  <div class=\"ue-list-item elementor-repeater-item-206bea6\">\n  <div class=\"ue-list-item-index\">\n            <i class=''><\/i>  <\/div>\n  <div class=\"ue-list-item-content\">\n  <a href=\"#governance-organization\" >      <h4 class=\"ue-list-item-title\">1. Governance and Organization<\/h4>\n           <\/a>  <\/div>\n<\/div>\n<div class=\"ue-list-item elementor-repeater-item-402b7c7\">\n  <div class=\"ue-list-item-index\">\n            <i class=''><\/i>  <\/div>\n  <div class=\"ue-list-item-content\">\n  <a href=\"#frameworks-certifications\" >      <h4 class=\"ue-list-item-title\">2. Frameworks and Certifications<\/h4>\n           <\/a>  <\/div>\n<\/div>\n<div class=\"ue-list-item elementor-repeater-item-7103353\">\n  <div class=\"ue-list-item-index\">\n            <i class=''><\/i>  <\/div>\n  <div class=\"ue-list-item-content\">\n  <a href=\"#data-categories\" >      <h4 class=\"ue-list-item-title\">3. Data Categories Processed<\/h4>\n           <\/a>  <\/div>\n<\/div>\n<div class=\"ue-list-item elementor-repeater-item-0835130\">\n  <div class=\"ue-list-item-index\">\n            <i class=''><\/i>  <\/div>\n  <div class=\"ue-list-item-content\">\n  <a href=\"#data-subject-rights\" >      <h4 class=\"ue-list-item-title\">4. Data Subject Rights and Privacy Requests<\/h4>\n           <\/a>  <\/div>\n<\/div>\n<div class=\"ue-list-item elementor-repeater-item-d1c9144\">\n  <div class=\"ue-list-item-index\">\n            <i class=''><\/i>  <\/div>\n  <div class=\"ue-list-item-content\">\n  <a href=\"#core-security\" >      <h4 class=\"ue-list-item-title\">5. Core Security Principles<\/h4>\n           <\/a>  <\/div>\n<\/div>\n<div class=\"ue-list-item elementor-repeater-item-c5d10fe\">\n  <div class=\"ue-list-item-index\">\n            <i class=''><\/i>  <\/div>\n  <div class=\"ue-list-item-content\">\n  <a href=\"#zero-trust-framework\" >      <h4 class=\"ue-list-item-title\">6. Zero-Trust Framework<\/h4>\n           <\/a>  <\/div>\n<\/div>\n<div class=\"ue-list-item elementor-repeater-item-3bed87a\">\n  <div class=\"ue-list-item-index\">\n            <i class=''><\/i>  <\/div>\n  <div class=\"ue-list-item-content\">\n  <a href=\"#hosting\" >      <h4 class=\"ue-list-item-title\">7. Hosting<\/h4>\n           <\/a>  <\/div>\n<\/div>\n<div class=\"ue-list-item elementor-repeater-item-1f313b1\">\n  <div class=\"ue-list-item-index\">\n            <i class=''><\/i>  <\/div>\n  <div class=\"ue-list-item-content\">\n  <a href=\"#operational-security\" >      <h4 class=\"ue-list-item-title\">8. Operational Security and Monitoring<\/h4>\n           <\/a>  <\/div>\n<\/div>\n<div class=\"ue-list-item elementor-repeater-item-f7b1d1e\">\n  <div class=\"ue-list-item-index\">\n            <i class=''><\/i>  <\/div>\n  <div class=\"ue-list-item-content\">\n  <a href=\"#threat-intelligence\" >      <h4 class=\"ue-list-item-title\">9. Threat Intelligence and Risk Analysis<\/h4>\n           <\/a>  <\/div>\n<\/div>\n<div class=\"ue-list-item elementor-repeater-item-037ee4b\">\n  <div class=\"ue-list-item-index\">\n            <i class=''><\/i>  <\/div>\n  <div class=\"ue-list-item-content\">\n  <a href=\"#management-controls\" >      <h4 class=\"ue-list-item-title\">10. Access Management Controls<\/h4>\n           <\/a>  <\/div>\n<\/div>\n<div class=\"ue-list-item elementor-repeater-item-92c0ba8\">\n  <div class=\"ue-list-item-index\">\n            <i class=''><\/i>  <\/div>\n  <div class=\"ue-list-item-content\">\n  <a href=\"#secure-development\" >      <h4 class=\"ue-list-item-title\">11. Secure Development Practices<\/h4>\n           <\/a>  <\/div>\n<\/div>\n<div class=\"ue-list-item elementor-repeater-item-ea0bd5e\">\n  <div class=\"ue-list-item-index\">\n            <i class=''><\/i>  <\/div>\n  <div class=\"ue-list-item-content\">\n  <a href=\"#penetration-testing\" >      <h4 class=\"ue-list-item-title\">12. Penetration Testing<\/h4>\n           <\/a>  <\/div>\n<\/div>\n<div class=\"ue-list-item elementor-repeater-item-c099f2a\">\n  <div class=\"ue-list-item-index\">\n            <i class=''><\/i>  <\/div>\n  <div class=\"ue-list-item-content\">\n  <a href=\"#incident-management\" >      <h4 class=\"ue-list-item-title\">13. Incident Management<\/h4>\n           <\/a>  <\/div>\n<\/div>\n<div class=\"ue-list-item elementor-repeater-item-b05f5f7\">\n  <div class=\"ue-list-item-index\">\n            <i class=''><\/i>  <\/div>\n  <div class=\"ue-list-item-content\">\n  <a href=\"#disaster-recovery\" >      <h4 class=\"ue-list-item-title\">14. Disaster Recovery and Business Continuity<\/h4>\n           <\/a>  <\/div>\n<\/div>\n<div class=\"ue-list-item elementor-repeater-item-a95783d\">\n  <div class=\"ue-list-item-index\">\n            <i class=''><\/i>  <\/div>\n  <div class=\"ue-list-item-content\">\n  <a href=\"#risk-management\" >      <h4 class=\"ue-list-item-title\">15. Risk Management<\/h4>\n           <\/a>  <\/div>\n<\/div>\n<div class=\"ue-list-item elementor-repeater-item-7a98358\">\n  <div class=\"ue-list-item-index\">\n            <i class=''><\/i>  <\/div>\n  <div class=\"ue-list-item-content\">\n  <a href=\"#people-security\" >      <h4 class=\"ue-list-item-title\">16. People Security<\/h4>\n           <\/a>  <\/div>\n<\/div>\n<div class=\"ue-list-item elementor-repeater-item-2557ee6\">\n  <div class=\"ue-list-item-index\">\n            <i class=''><\/i>  <\/div>\n  <div class=\"ue-list-item-content\">\n  <a href=\"#physical-security\" >      <h4 class=\"ue-list-item-title\">17. Physical Security<\/h4>\n           <\/a>  <\/div>\n<\/div>\n<div class=\"ue-list-item elementor-repeater-item-79f715d\">\n  <div class=\"ue-list-item-index\">\n            <i class=''><\/i>  <\/div>\n  <div class=\"ue-list-item-content\">\n  <a href=\"#vendor-subprocessors\" >      <h4 class=\"ue-list-item-title\">18. Vendor Management and Sub-processors<\/h4>\n           <\/a>  <\/div>\n<\/div>\n<div class=\"ue-list-item elementor-repeater-item-e0b68d1\">\n  <div class=\"ue-list-item-index\">\n            <i class=''><\/i>  <\/div>\n  <div class=\"ue-list-item-content\">\n  <a href=\"#contact-us\" >      <h4 class=\"ue-list-item-title\">19. Contact us<\/h4>\n           <\/a>  <\/div>\n<\/div>\n\n<\/div>\n<!-- end List -->\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-8502ea4 e-con-full content e-flex e-con e-child\" data-id=\"8502ea4\" data-element_type=\"container\" data-e-type=\"container\">\n\t\t\t\t<div class=\"elementor-element elementor-element-f186561 elementor-widget elementor-widget-heading\" data-id=\"f186561\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t\t<div class=\"elementor-heading-title elementor-size-default\">Last modified: September 27th, 2025<\/div>\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-88b990f elementor-widget elementor-widget-text-editor\" data-id=\"88b990f\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t\t\t\t\t\t<p style=\"padding-left: 40px;\">At MTech we take information security very seriously. Protecting your data is one of our most important responsibilities. We strongly believe in being transparent with how we work, and this also applies to our security practices so that you as a customer understand our approach and commitment.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-ab8de10 elementor-widget elementor-widget-heading\" data-id=\"ab8de10\" data-element_type=\"widget\" data-e-type=\"widget\" id=\"governance-organization\" data-widget_type=\"heading.default\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">1. Governance and Organization<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-9edc594 elementor-widget elementor-widget-text-editor\" data-id=\"9edc594\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t\t\t\t\t\t<p style=\"padding-left: 40px;\">Our information security program is led by our Chief Information Officer, who is responsible for security strategy, risk management, compliance with applicable information security and data protection laws, and oversight of operational security (including review of alerts, logs, and metrics). The Chief Information Officer also serves as our internal Data Protection Officer.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-6205619 elementor-widget elementor-widget-heading\" data-id=\"6205619\" data-element_type=\"widget\" data-e-type=\"widget\" id=\"frameworks-certifications\" data-widget_type=\"heading.default\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">2. Frameworks and Certifications<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-d37a714 elementor-widget elementor-widget-text-editor\" data-id=\"d37a714\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t\t\t\t\t\t<p style=\"padding-left: 40px;\">MTech\u2019s information security program incorporates best practices from industry-standard frameworks, such as ISO 27001 and the NIST Cybersecurity Framework (CSF). MTech is SOC2 Type 2 attested by an independent third-party auditor.<\/p><p style=\"padding-left: 40px;\">You can learn more about our certifications at <a href=\"https:\/\/mtechsystems.io\/trust\">https:\/\/mtechsystems.io\/trust-center<\/a>.<\/p><p style=\"padding-left: 40px;\"><i>Our SOC2 Type 2 report is available on request, subject to a customary non-disclosure agreement.<\/i><\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-7f78b10 elementor-widget elementor-widget-heading\" data-id=\"7f78b10\" data-element_type=\"widget\" data-e-type=\"widget\" id=\"data-categories\" data-widget_type=\"heading.default\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">3.\tData Categories Processed<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-3f5d49d elementor-widget elementor-widget-text-editor\" data-id=\"3f5d49d\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t\t\t\t\t\t<p style=\"padding-left: 40px;\">MTech\u2019s platform and services primarily process data related to livestock production operations and supply chain management. Most data comprise metrics such as animal counts, feed usage, production yields, environmental conditions, and cost tracking, sourced from systems and devices that subscribers choose to connect.<\/p><p style=\"padding-left: 40px;\">Personal data is not the primary type of data handled by MTech. Our focus is on operational, production, and supply chain data to support livestock management and business decision-making.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-ea5eb24 elementor-widget elementor-widget-heading\" data-id=\"ea5eb24\" data-element_type=\"widget\" data-e-type=\"widget\" id=\"data-subject-rights\" data-widget_type=\"heading.default\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">4.\tData Subject Rights and Privacy Requests<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-9c6363c elementor-widget elementor-widget-text-editor\" data-id=\"9c6363c\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t\t\t\t\t\t<p style=\"padding-left: 40px;\">MTech supports data subject rights under applicable privacy laws. You can read more about how we handle requests for access, rectification, deletion, or restriction of processing of personal data in our Privacy Policy available at <a href=\"https:\/\/mtechsystems.io\/legal\/privacy\">https:\/\/mtechsystems.io\/legal\/privacy-policy\/<\/a>.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-093ef51 elementor-widget elementor-widget-heading\" data-id=\"093ef51\" data-element_type=\"widget\" data-e-type=\"widget\" id=\"core-security\" data-widget_type=\"heading.default\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">5.\tCore Security Principles<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-8d422e3 elementor-widget elementor-widget-text-editor\" data-id=\"8d422e3\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t\t\t\t\t\t<p style=\"padding-left: 40px;\">The foundation of our information security program is to prevent unauthorized access to subscriber data.<\/p><ul><li style=\"list-style-type: none;\"><ul><li><b>Information Handling.<\/b> All information assets are classified using a formal classification matrix, with designated roles and ownership assigned throughout the organization to ensure accountability and proper stewardship.<\/li><li><b>Data in Transit.<\/b> All data transferred between subscriber systems and MTech services is protected using strong encryption protocols, specifically Transport Layer Security (TLS 1.2 or higher).<\/li><li><b>Data at Rest.<\/b> All data stored within MTech\u2019s platform is encrypted at rest using the Advanced Encryption Standard (AES-256).<\/li><li><b>Data Segmentation.<\/b> MTech\u2019s platform operates within a secure cloud environment, and each subscriber\u2019s data is logically separated to ensure privacy and isolation.<\/li><li><b>Encryption Keys.<\/b> Encryption keys are managed securely within Microsoft Azure, with regular rotation and access controls in accordance with industry best practices.<\/li><\/ul><\/li><\/ul>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-a96b528 elementor-widget elementor-widget-heading\" data-id=\"a96b528\" data-element_type=\"widget\" data-e-type=\"widget\" id=\"zero-trust-framework\" data-widget_type=\"heading.default\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">6.\tZero-Trust Framework<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-aac8033 elementor-widget elementor-widget-text-editor\" data-id=\"aac8033\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t\t\t\t\t\t<p style=\"padding-left: 40px;\">MTech employes a zero-trust strategy across all environments, whether internal or customer based. The Zero-Trust Framework is based on three core principles.<\/p><ul><li style=\"list-style-type: none;\"><ul><li><b>Verify Explicitly.<\/b> Every access request is authenticated and authorized based on all available data.<\/li><li><b>Use Least Privileged Access.<\/b> Limit user access to only what is necessary.<\/li><li><b>Assume Breach.<\/b> Design systems with the expectation that breaches will occur.<\/li><\/ul><\/li><\/ul>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-4873ba5 elementor-widget elementor-widget-heading\" data-id=\"4873ba5\" data-element_type=\"widget\" data-e-type=\"widget\" id=\"hosting\" data-widget_type=\"heading.default\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">7.\tHosting<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-305bd0d elementor-widget elementor-widget-text-editor\" data-id=\"305bd0d\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t\t\t\t\t\t<p style=\"padding-left: 40px;\">MTech\u2019s platform and services are hosted on Microsoft Azure. Subscribers can select their preferred hosting location to meet business, regulatory, or data residency requirements.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-975f002 elementor-widget elementor-widget-heading\" data-id=\"975f002\" data-element_type=\"widget\" data-e-type=\"widget\" id=\"operational-security\" data-widget_type=\"heading.default\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">8.\tOperational Security and Monitoring<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-a46eda8 elementor-widget elementor-widget-text-editor\" data-id=\"a46eda8\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t\t\t\t\t\t<p style=\"padding-left: 40px;\">Our platform and services are constantly monitored for deviations, anomalies, and suspicious patterns. We monitor subscriber accounts and user activities, including privileged accounts. Different types of traffic and behavior are analyzed to identify deviations and enable rapid response through automated alerts. Product availability and performance are continuously tracked using dedicated monitoring services. Monitoring and alerting controls are regularly reviewed and updated to reflect evolving threats and operational requirements.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-734bf2f elementor-widget elementor-widget-heading\" data-id=\"734bf2f\" data-element_type=\"widget\" data-e-type=\"widget\" id=\"threat-intelligence\" data-widget_type=\"heading.default\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">9.\tThreat Intelligence and Risk Analysis<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-ca9b8b1 elementor-widget elementor-widget-text-editor\" data-id=\"ca9b8b1\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t\t\t\t\t\t<p style=\"padding-left: 40px;\">Cyber-attack threat analysis via Microsoft Defender, Microsoft Sentinel, and Blue Voyant helps the MTech Security Team to identify risks from external hackers, internal sabotage, and geopolitical threats. Focus is on detecting and preventing ransomware, activism-driven attacks, and attacks on sensitive data such as our source code and subscriber data.<\/p><ul><li style=\"list-style-type: none;\"><ul><li><b>Microsoft Defender.<\/b> MTech uses Microsoft Defender for Endpoint, Identity, Office 365, and Cloud Apps. Defender for Endpoint provides real-time blocking and threat protection. Defender for Identity protects Active Directory from lateral movement and credential theft. Defender for Office 365 enhances email hygiene and phishing protection. Defender for Cloud Apps monitors shadow IT and app anomalies.<\/li><li><b>Microsoft Sentinel.<\/b> Sentinel serves as MTech\u2019s SIEM platform, aggregating logs from Defender and other sources. It supports analytics, alerting, and automation, and is integrated with BlueVoyant\u2019s SOC for 24\/7\/365 managed detection and response. Security incidents are triaged by BlueVoyant and escalated to internal MTech personnel where applicable.<\/li><li><b>BlueVoyant.<\/b> BlueVoyant provides 24\/7\/365 SOC coverage, threat intelligence, and monthly reporting via the Wavelength portal. It supports endpoint quarantine, file deletion, and whitelisting under pre-approved protocols. SSO integration with Entra ID ensures secure access to the portal.<\/li><\/ul><\/li><\/ul>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-5e9a6cb elementor-widget elementor-widget-heading\" data-id=\"5e9a6cb\" data-element_type=\"widget\" data-e-type=\"widget\" id=\"management-controls\" data-widget_type=\"heading.default\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">10.\tAccess Management Controls<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-80d4769 elementor-widget elementor-widget-text-editor\" data-id=\"80d4769\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t\t\t\t\t\t<p style=\"padding-left: 40px;\">MTech implements robust access management controls to ensure that only authorized individuals can access our systems and data. Access rights are granted based on the principles of need-to-know and least privilege, ensuring users have only the permissions necessary for their roles and responsibilities.<\/p><ul><li style=\"list-style-type: none;\"><ul><li><b>Authentication.<\/b> We secure accounts with strong authentication measures, including multi-factor authentication (MFA), hardware tokens, and single sign-on (SSO).<\/li><li><b>Privileged Access.<\/b> Privileged access is strictly limited to authorized personnel. All activities performed with elevated rights are closely monitored and logged to maintain accountability and oversight.<\/li><li><b>Access Reviews.<\/b> Access reviews are regularly conducted according to an established process to ensure permissions remain appropriate.<\/li><li><b>Subscriber Authentication Options.<\/b> MTech offers flexible authentication options for subscribers, including integrations with identity providers such as Okta, Google, CyberArk, and Entra ID.<\/li><\/ul><\/li><\/ul>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-fde20d1 elementor-widget elementor-widget-heading\" data-id=\"fde20d1\" data-element_type=\"widget\" data-e-type=\"widget\" id=\"secure-development\" data-widget_type=\"heading.default\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">11.\tSecure Development Practices<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-c556a50 elementor-widget elementor-widget-text-editor\" data-id=\"c556a50\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t\t\t\t\t\t<div style=\"padding-left: 40px;\"><p>Security is embedded throughout the software development lifecycle.<\/p><ul><li><b>Code Deployment.<\/b> All changes to the code base are peer-reviewed and validated before being deployed to the production environment.<\/li><li><b>Automated Monitoring.<\/b> Automated tools continuously scan for potential vulnerabilities, ensuring that issues are identified and remediated promptly to maintain the security and integrity of our platform and services.<\/li><\/ul><\/div>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-495fb31 elementor-widget elementor-widget-heading\" data-id=\"495fb31\" data-element_type=\"widget\" data-e-type=\"widget\" id=\"penetration-testing\" data-widget_type=\"heading.default\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">12.\tPenetration Testing<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-7e63067 elementor-widget elementor-widget-text-editor\" data-id=\"7e63067\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t\t\t\t\t\t<div style=\"padding-left: 40px;\"><p>MTech engages independent third parties to conduct regular penetration testing of our platform and services.<\/p><\/div>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-add3bc4 elementor-widget elementor-widget-heading\" data-id=\"add3bc4\" data-element_type=\"widget\" data-e-type=\"widget\" id=\"incident-management\" data-widget_type=\"heading.default\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">13.\tIncident Management<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-f4aba58 elementor-widget elementor-widget-text-editor\" data-id=\"f4aba58\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t\t\t\t\t\t<div style=\"padding-left: 40px;\">MTech maintains a structured incident management framework that clearly defines roles, responsibilities, communication protocols, and procedures for the detection, escalation, and resolution of service and security incidents.<\/div>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-6366936 elementor-widget elementor-widget-heading\" data-id=\"6366936\" data-element_type=\"widget\" data-e-type=\"widget\" id=\"disaster-recovery\" data-widget_type=\"heading.default\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">14.\tDisaster Recovery and Business Continuity<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-921aeca elementor-widget elementor-widget-text-editor\" data-id=\"921aeca\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t\t\t\t\t\t<div style=\"padding-left: 40px;\"><p>Subscribers have the option to deploy services redundantly across multiple Azure Availability Zones, ensuring resilience against environmental risks.<\/p><p>The services leverage geographically distributed data centers and cloud infrastructure for high availability, operational continuity, and disaster recovery, depending on the subscriber\u2019s selected service level.<\/p><p>Subscriber data is backed up using geo-redundant storage in an alternate region. In the event of a primary region outage, data can be restored, and the environment reprovisioned in accordance with our disaster recovery procedures.<\/p><p>Support and engineering teams are distributed across regions for rapid response.<\/p><p>Business continuity, incident response, and disaster recovery plans are regularly tested and updated.<\/p><\/div>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-633149d elementor-widget elementor-widget-heading\" data-id=\"633149d\" data-element_type=\"widget\" data-e-type=\"widget\" id=\"risk-management\" data-widget_type=\"heading.default\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">15.\tRisk Management<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-288a1f1 elementor-widget elementor-widget-text-editor\" data-id=\"288a1f1\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t\t\t\t\t\t<div style=\"padding-left: 40px;\"><p>Risk management is a central activity at MTech and is fundamental to our long-term stability and operational resilience. We foster a strong risk-aware culture and maintain effective processes to identify, assess, manage, and report risks across our organization.<\/p><p>MTech continuously monitors and evaluates risks using a structured model that considers both probability and impact. Risks are identified, assessed, and prioritized, with mitigation strategies developed and tracked to closure. Regular reporting ensures that risk owners and leadership remain informed and engaged in proactive risk management.<\/p><\/div>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-c66584c elementor-widget elementor-widget-heading\" data-id=\"c66584c\" data-element_type=\"widget\" data-e-type=\"widget\" id=\"people-security\" data-widget_type=\"heading.default\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">16.\tPeople Security<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-7ae1fe3 elementor-widget elementor-widget-text-editor\" data-id=\"7ae1fe3\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t\t\t\t\t\t<div style=\"padding-left: 40px;\"><p>MTech applies comprehensive personnel security controls to ensure employees, contractors, and consultants understand their responsibilities, are suitable for their roles, and are continuously trained.<\/p><ul><li><b>Background Checks.<\/b> Pre-employment screening is conducted for all new hires and contractors. External service providers are used to perform these checks securely where permitted by applicable laws.<\/li><li><b>Onboarding.<\/b> All personnel follow a structured onboarding process that includes participating in security awareness and role-specific training, as well as assignment of access credentials.<\/li><li><b>Offboarding.<\/b> Offboarding is governed by a formal checklist-driven process which includes immediate revocation of system and physical access, return or destruction of company materials and information, and reminders of ongoing obligations under NDAs and employment agreements.<\/li><li><b>Security Awareness and Training.<\/b> MTech runs a continuous security awareness program that includes general security training for all staff, targeted modules addressing current threat vectors (e.g., phishing, social engineering), and phishing simulations and follow-up training for identified gaps.<\/li><li><b>Disciplinary Process.<\/b> MTech maintains a disciplinary process for handling security breaches. The process ensures fair and consistent treatment of incidents, with escalation protocols and corrective actions depending on severity and intent.<\/li><\/ul><\/div>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-537821c elementor-widget elementor-widget-heading\" data-id=\"537821c\" data-element_type=\"widget\" data-e-type=\"widget\" id=\"physical-security\" data-widget_type=\"heading.default\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">17.\tPhysical Security<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-58953ee elementor-widget elementor-widget-text-editor\" data-id=\"58953ee\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t\t\t\t\t\t<div style=\"padding-left: 40px;\"><p>MTech partners with Microsoft Azure to host our platform and services. Microsoft Azure maintains industry-standard security certifications, including ISO 27001, ISO 27017, ISO 27018, SOC 1, SOC 2, SOC 3, and PCI DSS Level 1. More info about the security of Microsoft Azure\u2019s data centers can be found at <a href=\"https:\/\/learn.microsoft.com\/en-us\/azure\/security\/\" target=\"_blank\" rel=\"noopener\">https:\/\/learn.microsoft.com\/en-us\/azure\/security\/<\/a>.<\/p><p>MTech has implemented measures to ensure that only authorized people can access our physical office locations. This includes comprehensive access controls such as employing badge readers, camera surveillance, and time-specific access restrictions.<\/p><\/div>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-2049fe9 elementor-widget elementor-widget-heading\" data-id=\"2049fe9\" data-element_type=\"widget\" data-e-type=\"widget\" id=\"vendor-subprocessors\" data-widget_type=\"heading.default\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">18.\tVendor Management and Sub-processors<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-52d27cb elementor-widget elementor-widget-text-editor\" data-id=\"52d27cb\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t\t\t\t\t\t<div style=\"padding-left: 40px;\"><p>MTech relies on a series of supporting services from third-party vendors to operate efficiently and effectively. Where these vendors are integrated with MTech\u2019s services or may impact our security and risk tolerance, we conduct thorough risk assessments prior to onboarding any new vendor (including trial periods) and as needed for existing vendors. Such risk assessments include vetting for compliance with SOC 2 and ISO 27001 standards.<\/p><p>All sub-processors (vendors that process personal data) are subject to written agreements requiring them to meet MTech\u2019s security, privacy, and compliance standards. We maintain a public list of current sub-processors and provide notice of any changes.<\/p><p>Our sub-processor list is available at <a href=\"https:\/\/mtechsystems.io\/legal\/sub-processor-list\/\" target=\"_blank\" rel=\"noopener\">https:\/\/mtechsystems.io\/legal\/sub-processor-list\/<\/a>.<\/p><\/div>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-e0b7b2d elementor-widget elementor-widget-heading\" data-id=\"e0b7b2d\" data-element_type=\"widget\" data-e-type=\"widget\" id=\"contact-us\" data-widget_type=\"heading.default\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">19.\tContact Us<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-f034227 elementor-widget elementor-widget-text-editor\" data-id=\"f034227\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t\t\t\t\t\t<div style=\"padding-left: 40px;\"><p>If you have questions regarding our information security or data privacy practices, you can contact us using the details below.<\/p><p>Email: <a href=\"mailto:support@mtech-systems.com\">support@mtech-systems.com<\/a><\/p><p>Mail: 115 Perimeter Center Place NE, Suite 845, Atlanta, GA 30346, USA<\/p><\/div>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"<p>Security Measures 1. Governance and Organization 2. Frameworks and Certifications 3. Data Categories Processed 4. Data Subject Rights and Privacy Requests 5. Core Security Principles 6. Zero-Trust Framework 7. Hosting 8. Operational Security and Monitoring 9. Threat Intelligence and Risk Analysis 10. Access Management Controls 11. Secure Development Practices 12. Penetration Testing 13. Incident Management [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"parent":1059,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"content-type":"","footnotes":""},"class_list":["post-32815","page","type-page","status-publish","hentry"],"_links":{"self":[{"href":"https:\/\/mtechsystems.io\/es\/wp-json\/wp\/v2\/pages\/32815","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/mtechsystems.io\/es\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/mtechsystems.io\/es\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/mtechsystems.io\/es\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/mtechsystems.io\/es\/wp-json\/wp\/v2\/comments?post=32815"}],"version-history":[{"count":16,"href":"https:\/\/mtechsystems.io\/es\/wp-json\/wp\/v2\/pages\/32815\/revisions"}],"predecessor-version":[{"id":32975,"href":"https:\/\/mtechsystems.io\/es\/wp-json\/wp\/v2\/pages\/32815\/revisions\/32975"}],"up":[{"embeddable":true,"href":"https:\/\/mtechsystems.io\/es\/wp-json\/wp\/v2\/pages\/1059"}],"wp:attachment":[{"href":"https:\/\/mtechsystems.io\/es\/wp-json\/wp\/v2\/media?parent=32815"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}