Morrow

Security & Compliance

At Morrow, we take security and compliance seriously. We're committed to maintaining the highest standards of data security and privacy protection.

Our Compliance Standards

Morrow is committed to maintaining the highest standards of security and compliance to protect your data and privacy.

ISO 27701

Privacy Information Management

Compliant

GDPR

General Data Protection Regulation

Compliant

SOC2 Type I

System and Organization Controls

Certification in process

ISO 22301

Business Continuity Management

Compliant

ISO 27017

Cloud Security

Compliant

ISO 27001

Information Security Management

Certification in process

ISO 27018

Protection of PII in Public Cloud

Compliant

ISO 31000

Risk Management

Compliant

CCPA

California Consumer Privacy Act

Compliant

NIST 800-171

Protection of Controlled Unclassified Information

Compliant

Note on Third-Party API Apps: While Morrow maintains rigorous compliance standards for our own systems and services, any data processed or stored by third-party API Apps falls under their respective privacy and compliance frameworks. We carefully select our integration partners but recommend reviewing their individual compliance certifications and privacy policies when utilizing these services through our platform.

Current Security Measures

Data Encryption

All data is encrypted in transit and at rest using industry-standard encryption protocols.

Regular Security Audits

We conduct regular security assessments and penetration testing to identify and address potential vulnerabilities.

Access Controls

We implement strict access controls and follow the principle of least privilege to ensure data is accessible only to authorized personnel.

Continuous Monitoring

Our systems are continuously monitored for suspicious activities, and we have incident response procedures in place.

Our Commitment

We're committed to maintaining the highest standards of security and compliance to protect your data. As we progress through our compliance journey, we'll update this page with our achievements and ongoing efforts.

If you have any questions about our security measures or compliance status, please don't hesitate to contact us.