Controls

Data Security

Data Backup and Recovery (Status: Compliant)

Critical data including customer data, source code, and business records is backed up regularly. Backups are tested periodically to ensure successful recovery.

Data Classification (Status: Compliant)

Data is classified into sensitivity levels (e.g., public, internal, confidential, restricted) with defined handling requirements for each level.

Data Encryption (Status: Compliant)

Sensitive and confidential data is encrypted at rest using AES-256 or equivalent, and in transit using TLS 1.2+ or VPN. Encryption standards are applied consistently across all systems.

Data Retention and Deletion (Status: Compliant)

Data retention periods are defined based on regulatory and business requirements. Data is securely deleted when no longer needed, using approved sanitization methods.

Key and Secret Management (Status: Compliant)

Cryptographic keys, API tokens, and secrets are stored in dedicated secret management systems. Secrets are never hardcoded in source code or configuration files.