Security and Compliance at Tech Soft 3D
Tech Soft 3D operates a comprehensive ISO 27001 Information Security Management System (ISMS) that governs how we protect information across our people, processes, and technology.
The ISMS is certified to the ISO 27001 standard, demonstrating our commitment to safeguarding data and continually improving our security practices.
Data at Rest
All in-scope computers and servers are protected with AES-256 full-disk encryption.
Data in Transit
TLS 1.2 or higher is utilised everywhere data is transmitted over potentially insecure networks.
Pen Testing & Application Security
Tech Soft 3D conducts regular penetration testing and application security assessments across our networks and web applications to identify and remediate potential vulnerabilities.
Vulnerability Scanning
Regular vulnerability scans are carried out on Tech Soft 3D’s systems, with identified issues systematically tracked and remediated in line with our IT policy requirements.
Endpoint Protection and Monitoring
All corporate devices are centrally managed with device management software and anti-malware protection. This enforces the secure configuration of endpoints, such as disk encryption, screen lock configuration, and software updates.
Secure Remote Access
Remote access to internal resources is secured using a modern VPN platform that requires MFA.
Security Awareness Training
All staff complete mandatory security awareness training during induction, with regular refresher training delivered company wide.
Identity and Access Management
All staff are assigned a unique user account and granted role-based access to data. Additional access requires a formal approval process and is controlled through our IT support ticketing system.