Security

Enhanced Security Measures Our services are fortified with advanced security technologies to ensure robust protection at every level.
delivery software features

SOC 2 Type 1

SOC 2 Type 1 Compliance: Your Data Security Assured

We take pride in being SOC 2 Type 1 compliant, a testament to our commitment to data security.

What exactly does this mean? SOC 2 Type 1 certification is an industry-recognized standard that affirms our dedication to maintaining the highest levels of data security for our customers.

Given the substantial volume of data managed by our delivery management software, obtaining this compliance was imperative.
To secure this attestation, we underwent a stringent audit conducted by the American Institute of CPAs (AICPA), demonstrating adherence to comprehensive data security, availability, and confidentiality criteria. Rest easy knowing that with Cigo, your data is protected by a verified and trustworthy system.

Policy

We continuously strive to ensure that the data of our clients is stored and exchanged over secure network channels and in robust enterprise grade infrastructure.

Over the years, we've made some key decisions and enhancements to specifically ensure the integrity and safety of our user's data.

Internally, we've established some guiding principles to ensure that all new development and refactoring efforts continue to improve upon our security and privacy standards. Namely, we implement:

Encryption of data in transit and data at restStrong WAF (Web Application Firewall) rule sets and NSGs (Network Security Rules)Secure networking of our core infrastructure. Applying additional encryption layering on sensitive data at rest.

Only serving user uploaded multimedia content over SSL and HTTPSEnterprise-grade Cloud infrastructure to safeguard our users from being affected by DDoS attacks
And many more...

Vulnerability Disclosure Program (VDP)

As part of our efforts to continuously improve our product offerings, we are open to reports of any security issues and vulnerabilities that researchers may find on our site.

We've ensured that we provide sufficient information in the Q&A below to offer a secure channel for anyone to share said vulnerabilities if any are found.

How can I report a vulnerability to your team?
We've gathered all of the information you'll need to reach us here: security.txt

Do you have a bounty or vulnerability reward program?
At this time, we do not have a bounty program, but we are happy to work with any researchers that find any security or an abuse risk related bug in a Cigo product and would like to report it to us.

Will my report be recognized?
If the issue reported is valid and sufficiently significant, we will happily share your credentials under the Acknowledgments section of this page after it has been resolved.

Acknowledgements

No acknowledgments at this time.