Trust is everything to us, but you can’t have trust without security. That’s why we use independent experts to verify our security, privacy, and compliance controls. No company is impenetrable, and we’re always aiming to be better. If you find any security issues with our services, please report it.

It is our responsibility to protect our clients’ data vigilantly and in accordance with global data privacy and security standards. Our certifications demonstrate our commitment to high standards in security and data privacy.

The SOC 2 report is an independent examination of The Conover Company’s control environment regarding data security and is performed by a licensed third-party auditor.

If you would like to access or SOC2 Report, Security Policies and Plans, you can request access to these files.  We will review your request.  If approved, we will send you a Non-Disclosure Agreement to sign before you can receive copies of the requested documents.

Compliance

SOC 2 Report

Security

Penetration Test Certification
Incident Response Workflow
Infrastructure Diagram

Policies & Plans

Acceptable Use Policy
Asset Management Policy
Backup Policy
Business Continuity Plan
Change Management Policy
Code of Conduct
Data Classification Policy
Data Protection Policy
Data Retention Policy

Disaster Recovery Plan
Encryption Policy
Incident Response Plan
Information Security Policy
Password Policy
Physical Security Policy
Responsible Disclosure Policy
Risk Assessment Policy
Software Development Life Cycle Policy
System Access Control Policy
Vendor Management Policy

If you would like to access or SOC2 Report, Security Documents or Policies, you can request access to these files.  We will review your request.  If approved, we will send you a Non-Disclosure Agreement to sign before you can receive copies of the requested documents.

We monitor 100+ security controls and work with auditors and security experts to ensure automated tests are accurate.  We have partnered with Drata to help automate our compliance.  Drata is a security and compliance automation platform that continuously monitors and collects evidence of a company’s security controls, while streamlining workflows to ensure audit-readiness.