Intrro has an asset management policy in place to protect data that is stored and accessible via endpoints, such as company workstations and laptops.
Fleet management
All corporate endpoints are protected against internal threats and local vulnerabilities AWS Systems Manager and Vanta. All devices are continuously monitored for the following checks:
- Full-disk encryption
- Screen lock enabled
- Latest security updates
- Malware detection and anti-virus
- Personal firewall enabled
- Unencrypted SSH keys
- Password management software
All corporate devices are also enrolled in mobile device management (MDM) enabling Intrro to remotely manage assets to ensure compliance with configuration standards and enabling remote lock and erase in the event of a lost or stolen device.
Network security
All corporate wireless networks, including both corporate and guest networks, encrypt data in transit using WPA2-AES encryption. Guest network traffic and access is separated from corporate network traffic and access.
Corporate networks are protected with Intrusion Detection Systems (IDS) and Intrusion Protection Systems (IPS) to block malicious traffic and actors attempting to access Dovetail's corporate network.
Removable media and offline backups
Intrro prohibits use of removable media and offline backups to mitigate both the risk of data loss as well as the risk of malware being introduced.