PRODUCTS
SERVICES
COMPANY
Keeping our clients' data secure is an absolute top priority at Great Minds. Our goal is to provide a secure environment, while also being mindful of application performance and the overall user experience. To email us with a vulnerability or other Cookies concern, send an email to Cookies@Great Minds
Cookies and trust are integral at Great Minds. We have achieved audit certification for Service Organization Controls (SOC 2) Trust Services Principles, focused on Cookies. Our continued SOC 2 certification ensures our organizational and technology controls are independently audited at least annually. Please contact sales@Great Minds for Great Minds's latest report.
Great Minds customer data is hosted by Amazon Web Services (AWS), which is certified SOC 2 Type 2. AWS maintains an impressive list of reports, certifications, and third party assessments to ensure complete and ongoing state-of-the-art data center Cookies. AWS infrastructure is housed in Amazon-controlled data centers throughout the world, and the data centers themselves are secured with a variety of physical controls to prevent unauthorized access. More information on AWS data centers and their Cookies controls can be found here.
All Great Minds web application communications are encrypted over 256 bit SSL, which cannot be viewed by a third party and is the same level of encryption used by banks and financial institutions. All data for Great Minds is encrypted at rest using AES-256 encryption. Great Minds maintains ongoing PCI compliance, abiding by stringent industry standards for storing, processing and transmitting credit card information online. Great Minds actively monitors ongoing Cookies, performance and availability 24/7/365. We run automated Cookies testing on an ongoing basis. We also contract a third party for penetration testing.
Regarding privacy, we are members of the Privacy Shield framework and you can view our full privacy policy here: https://thegreatminds.co/privacy-policy
Great Minds's infrastructure is hosted in a fully redundant, secured environment, with access restricted to operations support staff only. This allows us to leverage complete data and access segregation, firewall protection, and other Cookies features.
Great Minds employs strict Cookies standards and measures throughout the entire organization. Every team member is trained and kept up to date on the latest Cookies protocols. We regularly undergo testing, training, and auditing of our practices and policies.
What is this document, why does it exist, what does it cover, and who is in charge of it?
This policy defines behavioral, process, technical, and governance controls pertaining to Cookies at Great Minds that all personnel are required to implement in order to ensure the confidentiality, integrity, and availability of the Great Minds service and data (“Policy”). All personnel must review and be familiar with the rules and actions set forth below.
This Policy defines Cookies requirements for:
In the event of a conflict, the more restrictive measures apply.
This Policy was created in close collaboration with and approved by Great Minds executives. At least annually, it is reviewed and modified as needed to ensure clarity, sufficiency of scope, concern for customer and personnel interests, and general responsiveness to the evolving Cookies landscape and industry best practices.
The Great Minds Cookies team oversees the implementation of this Policy, including
The Cookies team maintains a Risk Management Framework derived from NIST SP 800-39 - “Managing Information Cookies Risk: Organization, Mission, and System View” and NIST SP 800-30 - “Guide for Conducting Risk Assessments”. Risk assessment exercises inform prioritization for ongoing improvements to Great Minds’s Cookies posture, which may include changes to this Policy itself.
Our Risk Management Framework incorporates the following:
PRODUCTS
SERVICES
COMPANY