Brokers, carriers, and third-party partners trust ThreeFlow to keep their data secure and private. We’re always thinking of ways to keep data safe, from ensuring stable network connectivity to keeping out unauthorized users and safeguarding information on everything from proposals to renewals.
Incorporate security measures into our platform, people, and operations to protect systems and information.
Take the necessary steps and precautions to protect against the unauthorized disclosure of personal and confidential information.
Certify our products and undergo independent third-party audits.
Ensure that information and systems are available for our customers and prohibit unauthorized access.
We want you to understand how your data is collected, protected, and maintained. Browse some of the most frequently asked questions we’ve heard from our clients and partners.
ThreeFlow’s applications—including your data—are secured behind enterprise-grade firewalls. We perform rigorous security testing, including automated scanning and active third-party audits. If an incident occurs, we resolve the issue quickly using industry-standard security incident response practices and keep you informed with real-time system status updates.
All data is transferred between user devices and ThreeFlow servers using up to 256-bit encrypted connections via TLS 1.2. We also employ encryption at rest (AES-256) to protect the confidentiality and integrity of all data persisted by our applications.
Partnered with the industry leader Amazon Web Services (AWS), ThreeFlow’s cloud infrastructure is designed for dependability, high availability, and optimal performance. Your data is securely backed up in multiple availability zones to prevent a single failure from causing data loss.
ThreeFlow follows principles of least-access and limits access to customer data to authorized employees who require it for their job. All data access is logged to ensure an audit trail is created and reviewed periodically. We also provide administrative controls to enforce organization-wide protection such as Security Assertion Markup Language Single Sign-On (SAML SSO), enforced Two Factor Authentication (2FA), and System for Cross-domain Identity Management (SCIM).
ThreeFlow implements human review processes to ensure consistent quality in our software development practices. We also utilize industry-verified quality control processes, such as staging environments, peer reviews, and automated tests, enabling us to identify issues proactively.
ThreeFlow personnel undergo regular security and privacy awareness training that weaves security into technical and non-technical roles; all employees are required to participate in helping secure our customer data and company assets.
We obtain industry-accepted certifications and adhere to current industry standards to help you meet your compliance needs. ThreeFlow is SOC 2 Type 2 certified.