Overview

At Phished, we're deeply committed to maintaining robust and comprehensive security measures. We believe that keeping our systems, and by extension your data, secure is of paramount importance. We don't just comply with the industry standard for data protection, we strive to exceed it.

This Security Page provides an overview of our stringent internal security program. It gives you an insight into our dedication to consistently uphold the highest levels of data security. On this page, you can request access to our audit reports and security policies for a detailed review.

If you have any questions about our security program, please review our Security Overview which is available below.

Compliance

SOC II

ISO 27001

GDPR

Cloud Security

Cyber Essentials

Security Scorecard

Company

Risk profile

Data access level Restricted
Impact Severe
Recovery time objective < 4 hours

Legal

Cyber insurance
Data Processing Agreement
Privacy policy

Corporate Security

Security awareness
Incident Response
Role-based access control

Policies

Information Security Policy
Access Control Policy
Asset Management Policy

Endpoint Security

Disk Encryption
Endpoint Detection & Response
Mobile Device Management

Security overview

Product

Security

Industry-grade encryption (in transit and at rest)
Audit logging
SSO (SAMLv2) compatible

Infrastructure

Google Cloud Platform
Validated disaster recovery plan
Enterprise-grade Web Application Firewall (WAF)

Access control

Role-based access control
Multi-factor authentication
Password security

If you think you may have discovered a vulnerability, please send us a note

Report issue