logo

Data Security

Privacy
Privacy PolicyCookie PolicyData Security

Last Updated: June 25, 2024.

PanelLogic plans, develops and maintains our productivity applications and networks with strict security requirements and protocols in order to secure your data.

Network Security

PanelLogic’s network is built from the ground up to meet bank-level security best practices:

  • We maintain strict network segmentation between production and non-production systems.
  • Access to our production networks is heavily restricted through the use of firewall rules and requires multi-factor authentication and encrypted connections.
  • Access to our production networks is limited to a small number of engineers.
  • We maintain, and all employees and contractors are regularly updated regarding, comprehensive security policies and procedures.
  • Our leadership is well experienced in fostering a security culture that successfully passes annual independent information security audits. We are planning for an independent SOC2 Type I information security audit later this year.
Cloud Services

PanelLogic uses Microsoft Azure cloud services for hosting all data and functional components of our application systems. Intrusion detection and prevention systems monitor traffic on all our networks to identify potential security issues.

Access to Customer Data

Access to customer data is on a ‘need to access’ basis only. PanelLogic treats all customer data as sensitive and we’ve implemented stringent controls governing this data.

Unauthorized or inappropriate access to customer data is treated as a security incident and managed through our incident management process. This process includes instructions to notify affected customers if a breach of security is detected.

Access by Customer Support

Our support teams will only access customer data when necessary to answer specific customer questions or to resolve an open ticket. All support team member access to data is logged and reviewed to ensure compliance with our security policies and procedures.

Report a Vulnerability

If you believe you have found a security issue or vulnerability, which is a weakness in one of our services or infrastructure, that could allow an attacker to impact the confidentiality, integrity, or availability of the service or infrastructure, please submit a report to our security team by sending an email to: [email protected].

Please include as much information as you can in your email such as the following:

  • Type of issue (cross-site scripting, SQL injection, remote code execution, etc.)
  • Your browser and version (e.g. Chrome Version 102.0.5005.61)
  • The computer or mobile phone operating system and version (e.g. Apple Big Sur 11.6.6)
  • The potential impact of the vulnerability (i.e. what data can be accessed or modified)
  • Step-by-step instructions to reproduce the issue
  • Any proof-of-concept or exploit code required to reproduce the issue

(Note: We do not respond to bulk reports generated by automated scanners.)