One of our core values is Trust:
β
Champion complete vigilance for the privacy and security of information. Show respect through accountability; responsibility assumed; and ownership taken. Transparently. Willingly. Effectively.
β
As such, at IT Glue we take every security incident extremely seriously, and we have internal processes and security compliance standards that guide how we review reports or remediate possible vulnerabilities.
β
To maintain utmost confidentiality and protect partner data and security, we will take additional steps to move all security-related discussions offline, reducing any public visibility until we have properly assessed the situation.
β
Our Responsible Security Reporting and Disclosure policy invites the disclosure of security vulnerabilities responsibly and ethically. If you're a user, partner, or security researcher, and you think you've found a possible vulnerability with IT Glue, please follow the steps below:
Potential security bugs and vulnerabilities should be reported to us by email(security@itglue.com).
Give us an opportunity to respond before making any public disclosure or comments about the vulnerability.
Do not share, access, or modify any data without the account owner's permission.
Act in good faith, and do not maliciously degrade the performance of our services (including denial of service).
Following these basic guidelines, we will all be better equipped to help keep data safe. Thank you in advance for your consideration of, and abidance with this policy.