Companies such as Microsoft, Cisco, SAP, Google, and IBM have trust centers published on their websites because they store digital information. Trust centers are the one-stop clearinghouses for information about company practices, policies, and procedures on privacy, security, transparency, and compliance. By giving customers easy access to this information, the public can better understand how companies manage data and how they keep confidential information secure and protected. Also found in trust centers are the procedures for notifying security experts if vulnerabilities are discovered.
Companies refer to trust centers as a “customer compliance center”, “security and trust center”, or any term that denotes the characteristics of security, privacy, transparency, and compliance. Many apps have built-in trust center options linked to a trust center or allow the user to adjust privacy and security settings within the app. For example, all Microsoft Office apps include these options under file/options/trust center.
The trust center describes the technologies, procedures, policies, and controls for protecting their infrastructure and the customer’s data from cyber-attacks and other fraudulent intrusions. Security topics may include:
- Risk Management
- Login Security
- Data Permissions
- Personnel Security
- Data Encryption
- Security Notifications
- Security Incident Response
- Third Party Audits
- General Privacy
- Children’s Privacy
- Data Encryption Protocols
- Information Protection Programs
- Data Retention and Deletion
- Data Processing Agreements
- General Data Protection Regulations (GDPR)
- Global Trade Compliance
- Federal Risk and Authorization Management Program (FedRAMP)
- Family Educational Rights
- Health Insurance Portability and Accountability (HIPAA)
- CSA STAR Certification
- Federal Information Processing Standards (FIPS)
- California Consumer Privacy Act (CCPA)
Transparency allows customers to see behind the curtain of the company’s interactions with stored and in-transit data. To maintain trust, these companies emphasize customer data privacy and control.
Even so, government and law enforcement authorities may request or demand access to data. In their trust centers, companies report such requests and provide details about their response.
Other aspects of transparency in a trust center include legal, security, compliance, privacy, and system performance information. For example, third party and governing body certifications and verifications will be found here, along with in-house policies about how data may be managed, cloud status, availability, and tools that impact how, and to what extent, someone may manage their data on the platform.
Privacy, like data protection and security, is of utmost importance to web-based services. Trust centers build confidence on issues of privacy by sharing policies on topics such as:
Many privacy and security topics overlap, as data security is crucial for ensuring privacy.
Accessing information about compliance with current regulations, industry standards, industry best practices, and required certifications is streamlined in the trust center. Customers need this information to build trust and confidence with their cloud services provider. Some of the many standard certifications and data protection laws are listed below. These are just a fraction of the compliance certificates that may be sought or required. Specific certificates depend on the services being provided.
Information is the currency of the Digital Age. The public must trust that the billions of terabytes within the Cloud are secure and private, and that there is compliance with all laws and regulations. Customers also demand transparency with how this is done, and insist on reliable service.
The trust center is where you will find answers to your questions about how data is stored and safeguarded. This is true whether you are an individual inquiring about the safety of your data on an app, or a large corporation trusting your company’s and customers’ data to a cloud provider.
On the other hand, if you are a company handling digital information and do not have a trust center yet, creating one may be essential to your future growth, customer confidence, and peace of mind. You may contact one of our trust center experts to find out how to get started with your own trust center.
Please email us at email@example.com to schedule a no-pressure, free consultation.