Your Data is Secure

At Growers Edge we understand how important your sensitive data is to you. That’s why we treat your data like it’s our own. We combine industry-leading security features and practices with regular audits to ensure your data is well-protected.

OUR SECURITY PRACTICES

Security Matters

Growers Edge takes the responsibility of protecting the confidentiality, integrity, and availability of the data entrusted to us very seriously. We have implemented and maintain an industry-leading Information Security Management System so you can be confident your data is secure!

soclogo

Compliance

We maintain an enterprise-wide Risk Management framework.

System

Data Infrastructure

We use best in industry practices to provide for our customers.

whiteicon3-300×300

Personnel Security

Every Growers Edge Employee is trained and assessed. 

whiteicon4-300×300

Product Development

Our products are built with security and quality top of mind.

Compliance

SOC 2 Type I Certified

Growers Edge’s SOC 2 Type I report covers the Security Trust Services Category. Growers Edge is seeking SOC 2 Type II certification by January 2023 and will be audited annually.

California Consumer Privacy Act Compliance

We ensure policies, processes and controls comply with California Consumer Privacy Act requirements.

 

Data & Infrastructure Security

Secure Infrastructure Provider

We host our applications, data and infrastructure in physically secure, U.S.-based Microsoft Azure data centers and Amazon Web Services (AWS) facilities that include boundary protection, data backup, data encryption, 24/7 on-site security, camera surveillance, and more. In addition, some data is also stored in Fiserv, Inc. and MeridianLink data centers.

Data Encryption in Transit & At Rest

All data sent to or from Growers Edge is encrypted using the HTTP-Secure (HTTPS) Protocol and stored at rest at the server level in either Azure or AWS. Personal information is further encrypted at rest at the column level. For Lending data, transparent data encryption is enabled to encrypt production databases, backups, and logs at rest.

Data Redundancy and Resiliency

Growers Edge’s infrastructure has been designed to be fault tolerant. All databases are continuously backed up.

Strict Access Controls

Access to all Growers Edge systems is managed through our Product Teams or its managed service provider, which includes user provisioning, 2FA and activity logs.

Server Security and Monitoring

All servers are configured using documented security guidelines, and images are managed centrally. Changes to the company’s infrastructure are tracked, and security events are logged appropriately.

 

Personnel Security

Formal Security Policies and Incident Response Plan

Growers Edge maintains a set of comprehensive security policies that are kept up to date to meet the changing security environment. These materials are made available to all employees during training.

Strict Onboarding and Offboarding Process

Every new hire passes thorough background checks and attends a “Legal and Security” training course and annual Security Awareness Training. Growers Edge disables departing employee’s devices, apps and access during offboarding.

Continuous Security Training

The Growers Edge Security Team provides continuous education on emerging security threats, performs phishing awareness campaigns, and communicates with employees regularly.

Office Security

Growers Edge manages visitors, office access, and overall office security via a formal office security program.

 

App & Development

Penetration Testing and Application Testing

We regularly run internal penetration tests and partner with reputable security firms to run external penetration tests. Additionally, our application development process allows anyone in our organization to test our system and report defects.

Application Monitoring and Protection

All app access is logged and audited by our Product Teams through Azure AD. We also use a wide variety of solutions to quickly identify and eliminate threats, including an Azure Sentinel Security Information and Event Management (SIEM) solution and Huntress for advanced Endpoint Detection and Response (EDR).

Development and Change Management Process

Code development is done through a documented SDLC process, and every change is tracked via a code repository and ticketing system. Automated controls ensure changes are peer reviewed and pass a series of tests before being deployed to production.

Third-Party Vendor Security Review Process

We ensure all of our third-party apps and providers meet our security data protection standards before using them and review them annually.

 

To view our Information Security Management System (ISMS), click here.

Protect Your Bottom Line

Our commitment to data security and privacy doesn’t just impact our business operations. We help our ag partners understand the value of this work and how it can be used to strengthen their own security.

About Us
bg-footer-1

Get in Touch

Contact Us

Welcome to Farm Manager

Forgot your password?


Enter your email address to be sent instructions on how to reset your password.