Security is at the heart of what we do

Helping our clients improve their security and compliance posture starts with our own

Governance

a

Linchpin’s Security team establishes policies and controls, monitors compliance with those controls, and proves our security and compliance to third-party auditors.

Data Protection

a

Data at Rest

All data, including customer information, is encrypted when stored, enhancing security and ensuring the confidentiality and integrity of the information. This measure reflects our commitment to maintaining high standards of data security and instilling trust in our clients.

Enterprise Security

a

Endpoint protection

All corporate devices are centrally managed and are equipped with mobile device management software and anti-malware protection. Endpoint security alerts are monitored with 24/7/365 coverage. We use MDM software to enforce secure configuration of endpoints, such as disk encryption, screen lock configuration, and software updates.

Secure remote access

Linchpin secures remote access to resources and client devices using LogMeIn Central.

Identity and Access Management

Linchpin employees are granted access to applications based on their role and automatically de-provisioned upon the termination of their employment. Further access must be approved according to the policies set for each application.

Looking to report a security concern?

a

If you believe you’ve found a security vulnerability in Linchpin’s service, please notify us; we will work to resolve the issue promptly.

Disclosure Policy

If you believe you’ve discovered a potential vulnerability, please let us know by emailing us at security@linchpin-it.com. We will acknowledge your email within two (2) business days.

Please provide us with a reasonable amount of time to resolve the issue before disclosing it to the public or a third party. We aim to resolve critical issues within ten business days of disclosure.

Make a good-faith effort to avoid violating privacy, destroying data, or interrupting or degrading Linchpin services.

Exclusions

Linchpin is providing this service to help ensure a safe and secure environment for all of our clients. As such, any users believed to be engaging in the below activities will have their services immediately deactivated.

While researching, we’d like you to refrain from:

• Denial-of-Service (DoS)
• Spamming
• Social engineering or phishing of Linchpin employees or contractors
• Any attacks against Linchpin’s physical property

We do not accept reports for vulnerabilities solely affecting our marketing website (www.linchpin-it.com), which contains no sensitive data.

Thank you for helping to keep Linchpin and our clients safe!