By making us part of your data strategy, you are instilling trust in Harbr to protect your valuable data assets. We take that responsibility very seriously and put security at the forefront of our product design, operations and customer engagement.
Harbr’s information security strategy is based around the core NIST principles of Identify, Protect, Detect, Respond, and Recover.
We run a comprehensive vulnerability identification program, which starts with identifying our assets and then deploying tooling to scan for vulnerabilities. This happens across the product development lifecycle, from threat modeling at the early stages, through to penetration testing of the resulting product. A similarly robust process is used for our internal business operations, as well as identifying and risk assessing our suppliers.
Harbr takes a defense in depth approach to security, applying robust and proportionate technical safeguards, as well as policies and procedures that are backed by audit. We also have a security awareness program for all employees, and completion of this is required in order to maintain access to any systems.
We have a centralized Security Incident and Event Monitoring platform that collates logs from all systems, including our identity and access platform, which is at the heart of our defensive capability. Security monitoring is conducted in as near to real time as possible and we use machine learning to discover anomalies that need investigation.
Our incident response capability is focused on minimizing the impact of any discovered breaches or vulnerabilities. Any Harbr employee and any customer is able to raise a security incident, which is immediately triaged to drive an appropriate response. We regularly test and refine this process.
Recovery from an information security incident is built into our business continuity and disaster recovery planning, and we continually refine and improve these processes.
Harbr is committed to the security and trust of our customers. If you believe you have found a security vulnerability in any of Harbr’s products or websites, please send in a report. We will investigate all reports and do our best to fix valid issues quickly.