May 2022 – According to PwC, 49% of CEOs said cyber security threats are a significant concern for 2022. Part of Growers Edge’s commitment to our customers is protecting the data entrusted to us. Throughout our relationships with our ag partners, it is necessary for us to access many types of data used to administer our warranty or financing products. In turn, we take our customers’ data privacy and security very seriously and have measures in place to decrease cyber security risks to the data shared with us.
Cybersecurity is essential for a financial technology (fintech) company like Growers Edge. We empower growers to adapt and thrive by creating innovative technology solutions through ag retailers.
“We understand we have an important role and responsibility for the agricultural industry’s future to help customers keep their sensitive data safe,” says Todd McCombs, IT Director, Growers Edge. “We accomplish this by implementing strict cybersecurity strategies that keep the data our customer entrusts to us safe.”
What’s the difference between data privacy and data security?
Privacy means only authorized users can access sensitive data a company processes and stores in compliance with the agreement the owner of the data signed. Growers Edge rigorously works to make sure we comply with all data privacy laws. But just because the information is private doesn’t mean it’s secure. Currently, only 10% of U.S.-based companies are actively working to comply with 50 or more privacy laws.
Security refers to personal and private data and information having better protection from breaches, corruption or theft, no matter who tries to access it. Data security also preserves data integrity, helping assure that the data and analytics we share with our ag retailers and their customers are accurate.
The Growers Edge Information Security Management System (ISMS) is the foundation of our company-wide data privacy and security safety net. Our ISMS is a systematic approach consisting of processes, technology and personnel that helps manage and protect the organization’s information from being stolen or exploited by unauthorized users. In addition, Growers Edge has recently achieved an even higher security compliance standard to further increase our resiliency to security threats. This level of compliance is called Service Organization Control 2, also known as SOC 2, developed by the American Institute of CPAs (AICPA) in 2017. It is a voluntary compliance standard for service organizations that handle data like healthcare and financial institutions that specifies how organizations should manage customer data. Our completion of this certification will establish Growers Edge as an industry leader and one of only a few companies in the ag industry that will have met stringent requirements.
Data breaches and thefts are reported more and more frequently, and hackers continue to find ways to attack data despite the tools and strategies companies have in place to tighten data security. Knowing this, Growers Edge developed an Incident Response Plan to help minimize or contain the damage from an attack or breach. The plan lays out what defines a breach, the roles and responsibilities of the security team, tools for managing a breach and the steps we will take to investigate, address and communicate about the incident. It’s an added layer of security many companies don’t currently have in place, but one we believe will be critical to our success if or when an attack happens.
We believe there is strength in numbers. That’s why Growers Edge partners with Pratum, an Ankeny, Iowa information security services company, to build and maintain policies and procedures that help protect the data our ag retailer partners have entrusted to the company.
“Pratum helps their clients solve information security challenges based on the fundamental principle of risk. This has certainly been our approach with Growers Edge,” said Matthew McGill, Senior Information Security Consultant at Pratum. “Throughout our partnership, we’ve helped Growers Edge implement multifactor authentication at every access layer, enable data encryption to protect the information in transit and at rest, and establish secure network controls to ensure the privacy and security of sensitive information.”
With so many important things at stake like reputation, revenue and customer trust, we know our industry-leading protective practices and procedures will help us detect and respond to any security incident and event that arises as efficiently and quickly as possible. We understand the challenges facing today’s agriculture industry and work diligently every day to keep the information and data of our ag partners and their customers safe and secure.
Source: Growers Edge