notch's Trust Center Ask a question

notch

AI Built for Regulated Industries

Controls

Updated Jul 8, 2026
Product Security
  • Secure Software Development Lifecycle established
  • Penetration Testing conducted
  • Change Management procedures enforced
  • Vulnerability scanning procedures established
  • Secure product architecture defined
  • Production environment segregation enforced
  • Intrusion Detection systems utilized
Access Management
  • Role Based Access Control (RBAC) established
  • Multi Factor Authentication implemented
  • User Access Reviews conducted
  • Password policy enforced
  • Restricted production access maintained
  • Privilege access restricted
  • Access control policies and procedures defined
  • Production database access restricted
  • Access request and approval process defined
Security and Continuity Procedures
  • Business Continuity and Disaster Recovery plans established
  • Continuity and Disaster Recovery plans tested
  • Incident Response plan tested
  • Data backups and restoration procedures tested
  • Production multi-availability zones utilized
  • Production monitoring implemented
  • Audit logging established
Data Security
  • Encryption at rest implemented
  • Encryption in transit implemented
  • Encryption key management process established
  • Network and firewall access restricted
Organization Security
  • Risk Assessment and treatment established
  • Vendor Risk Management established
  • Asset Management maintained
  • Security Awareness Training implemented
  • Secure Development LifeCycle (SDLC) Training implemented
  • Defined roles and responsibilities established
  • Service Level Agreement established
  • Candidates screening checks
  • Confidentiality agreement acknowledged by employees
Endpoint Security
  • Endpoint Detection and Response established
  • Disk encryption enforced
  • Threat and Malware protection enforced
  • Endpoint Management policies established