Security is a high priority for the Verified First applicant screening application. Verified First uses a layered approach to application security ensuring the confidentiality, integrity, and availability of customer data and our applications.
Verified First maintains the following accreditations:
- Credit Reporting Agency status
- PCI compliance
- CCPA compliant
- NIST 800-53 compliant
- PBSA accredited
Please note: Requesting some of these documents from Verified First may require signing an NDA.
In addition to the publicly available policies defined at legal.verifiedfirst.com, the following security layers are currently in place for data security related purposes:
- Annual web application penetration testing
- Annual internal network penetration testing
- Quarterly end user security training
- Centrally managed MDM solution and malware protection for endpoints
- Manual code review for all code changes
- Background screening, to include drug testing, for all new employees and recurring screening for existing employees
- Container-less application infrastructure to eliminate operating system specific vulnerabilities
- Multi-region application infrastructure deployment for business continuity and disaster recovery purposes
- Centralized IT Policy & Governance documentation for all security and governance policies
- ITIL based framework implementation using a policy based approach to governance
- SCRUM based approach for governing team execution
- Recurring third party/supplier risk management reviews
- IT Security team with defined roles and responsibilities
- Designated DPO in place
The information and opinions expressed are for educational purposes only and are based
on current practice, industry related knowledge and business expertise. The information
provided shall not be construed as legal advice, express or implied.
If you have any further questions, or need a product enabled on your account,
please contact Verified First Client Services for assistance.
Call 844-709-2708 or email firstname.lastname@example.org