iQUANT, Inc. Security Measures

WEBSITE SECURITY

iQUANT prioritizes the security of its website by implementing industry-standard protocols such as SSL (Secure Sockets Layer) and HSTS (HTTP Strict Transport Security). SSL encrypts data transmitted between users' browsers and the website, ensuring that sensitive information remains confidential and protected from unauthorized access. HSTS further enhances security by instructing web browsers to interact with the website only over secure HTTPS connections, reducing the risk of man-in-the-middle attacks and session hijacking.

In addition to SSL and HSTS, iQUANT employs clickjacking protection mechanisms to safeguard against clickjacking attacks, where malicious actors attempt to trick users into clicking on hidden or disguised elements on a webpage. By implementing these security measures, iQUANT aims to provide a safe and secure browsing experience for its users, fostering trust and confidence in its online platform.

iQUANT is a Squarespace hosted site.

Squarespace implements and maintains technical and organizational security measures to protect company and customer assets and data. Squarespace has a dedicated security team that guides the implementation of controls, processes, and procedures governing the security of Squarespace and its customers. The Squarespace security team is responsible for developing, implementing and maintaining an information security program that reflects the following:

  • Align security activities with Squarespace’s strategies and support Squarespace’s objectives.

  • Leverage security to facilitate confidentiality, integrity, and availability of data and assets.

  • Analyze identified or potential threats to Squarespace and its customers and provide reasonable remediation recommendations.

  • Actively monitor Squarespace environments and utilize the intelligence gathered to continuously improve our security program.

  • Support secure infrastructure, platform, and feature development. 

  • Perform red team exercises, to confirm control effectiveness and identify areas for improvement.

  • Conduct threat modeling exercises when building new or materially modifying existing systems, components, and platforms to confirm, identify and, where appropriate, proactively mitigate security risks. 

  • Manage security utilizing a risk based approach.

  • Leverage industry security and compliance frameworks where relevant and applicable.

  • Provide security awareness training to Squarespace employees and provide mechanisms for employees to reach directly out to the security team with questions.

Data Center, Cloud Providers, and Business Continuity/Disaster Recovery

  • Squarespace leverages leading data center and cloud service providers to house our physical and cloud infrastructure.

  • Our data center and cloud service providers utilize an array of security equipment, techniques, and procedures designed to control, monitor, and record access to the facilities.

  • Squarespace leverages geographically separate data centers and cloud service provider availability zones to facilitate infrastructure and service availability and continuity.

  • Squarespace has implemented solutions designed to protect against and mitigate effects of DDoS attacks. 

  • Squarespace has dedicated teams located in multiple geographies to support our platform and supporting infrastructure.

  • Squarespace has business continuity disaster recovery plans which are tested periodically. Results of testing are leveraged to improve plans where necessary. 

Encryption 

  • Squarespace leverages transport layer security (TLS) to encrypt data in-transit between website end users and customer domains.  

  • Squarespace offers HSTS (HTTP Strict Transport Security) which only allows Squarespace customer websites to be accessed via HTTPS.

Application Level Security

  • Squarespace hashes passwords for user accounts.

  • Two-factor authentication (2FA) is available on Squarespace member accounts for an added layer of security.  

  • Squarespace utilizes Web Application Firewall (WAF) technology.

  • Regular pen testing is performed on the Squarespace platform, the results of which are analyzed and remediated (as appropriate) by our engineering and security teams.

  • Customers have the ability to assign varying levels of permissions to their website’s contributors.

  • Provide the option for customers to implement clickjack protection to protect their websites and end users from UI redress attacks (i.e. clickjacking).

Incident Response

  • In the event of an issue related to the security of the Squarespace platform, the Squarespace security team follows a formal incident response process.  

  • Squarespace analyzes identified or potential threats to Squarespace and its customers, and takes reasonable actions where necessary.

Squarespace Building and Network Access

  • Physical access to Squarespace offices and access to the Squarespace internal network is restricted and monitored.

Systems Access Control

  • Access to Squarespace systems is limited to appropriate personnel.

  • Squarespace subscribes to the principle of least privilege.

  • Squarespace’s access control policy applies to systems that Squarespace manages and maintains.  The Squarespace access control policy addresses control processes that include, but are not limited to:  

    • Account provisioning/decommissioning 

    • Authentication

    • Privileged account management

    • User identification

    • Access logging and monitoring

Security Risk Management

Threat intelligence and risk assessment are key components of Squarespace’s information security program. Awareness and understanding of potential (and actual) threats guides the selection and implementation of appropriate security controls to mitigate risk. Potential security threats are identified, and assessed for severity and exploitability. If risk mitigation is required, the security team works with relevant stakeholders and system owners to remediate. The remediation efforts are tested to confirm the new measures/controls have achieved their intended purpose.

Safeguards

Law Enforcement Request Policy

Squarespace respects the human rights of our customers and their end users. Squarespace implements a robust law enforcement request policy which is designed to ensure that all law enforcement, governmental and regulatory requests are valid and made in accordance with applicable legal process. Squarespace does not disclose data to law enforcement, regulatory or governmental bodies unless required by applicable law and objects to unlawful requests. If Squarespace receives a demand for Your Controlled Data (as defined in the Squarespace Data Processing Addendum), Squarespace will attempt to redirect the law enforcement agency or regulatory or government body to request such data directly from the relevant customer. If compelled to disclose or provide access to data to law enforcement, regulatory or governmental bodies or agencies, Squarespace will notify the relevant customer and provide them with a copy of the demand to allow them to seek a protective order or other appropriate remedy (except if such notification is legally prohibited, such as through a prohibition under criminal law to preserve the confidentiality of a law enforcement investigation). 

Data Privacy Frameworks

Squarespace transfers personal data to the US from, as applicable, the European Economic Area, Switzerland and the United Kingdom pursuant to the EU-U.S. Data Privacy Framework, the Swiss-U.S. Data Privacy Framework and the UK Extension to the EU-U.S. Data Privacy Frameworks (each individually and jointly, the “Data Privacy Frameworks”). We are committed to treating personal information received from the European Economic Area, Switzerland and the United Kingdom pursuant to the applicable Data Privacy Framework in accordance with the principles thereof (the “DPF Principles”). You can find our certification here and you can learn more about the Data Privacy Frameworks (as determined based upon the country from which the personal information was received) and DPF Principles by visiting https://www.dataprivacyframework.gov/.

SECURITY MEASURES

Squarespace implements and maintains technical and organizational security measures to protect company and customer assets and data. Squarespace has a dedicated security team that guides the implementation of controls, processes, and procedures governing the security of Squarespace and its customers. The Squarespace security team is responsible for developing, implementing and maintaining an information security program that reflects the following:

·        Align security activities with Squarespace’s strategies and support Squarespace’s objectives.

·        Leverage security to facilitate confidentiality, integrity, and availability of data and assets.

·        Analyze identified or potential threats to Squarespace and its customers and provide reasonable remediation recommendations.

·        Actively monitor Squarespace environments and utilize the intelligence gathered to continuously improve our security program.

·        Support secure infrastructure, platform, and feature development. 

·        Perform red team exercises, to confirm control effectiveness and identify areas for improvement.

·        Conduct threat modeling exercises when building new or materially modifying existing systems, components, and platforms to confirm, identify and, where appropriate, proactively mitigate security risks. 

·        Manage security utilizing a risk based approach.

·        Leverage industry security and compliance frameworks where relevant and applicable.

·        Provide security awareness training to Squarespace employees and provide mechanisms for employees to reach directly out to the security team with questions.

Data Center, Cloud Providers, and Business Continuity/Disaster Recovery

·        Squarespace leverages leading data center and cloud service providers to house our physical and cloud infrastructure.

·        Our data center and cloud service providers utilize an array of security equipment, techniques, and procedures designed to control, monitor, and record access to the facilities.

·        Squarespace leverages geographically separate data centers and cloud service provider availability zones to facilitate infrastructure and service availability and continuity.

·        Squarespace has implemented solutions designed to protect against and mitigate effects of DDoS attacks. 

·        Squarespace has dedicated teams located in multiple geographies to support our platform and supporting infrastructure.

·        Squarespace has business continuity disaster recovery plans which are tested periodically. Results of testing are leveraged to improve plans where necessary. 

Encryption 

·        Squarespace leverages transport layer security (TLS) to encrypt data in-transit between website end users and customer domains.  

·        Squarespace offers HSTS (HTTP Strict Transport Security) which only allows Squarespace customer websites to be accessed via HTTPS.

Application Level Security

·        Squarespace hashes passwords for user accounts.

·        Two-factor authentication (2FA) is available on Squarespace member accounts for an added layer of security.  

·        Squarespace utilizes Web Application Firewall (WAF) technology.

·        Regular pen testing is performed on the Squarespace platform, the results of which are analyzed and remediated (as appropriate) by our engineering and security teams.

·        Customers have the ability to assign varying levels of permissions to their website’s contributors.

·        Provide the option for customers to implement clickjack protection to protect their websites and end users from UI redress attacks (i.e. clickjacking).

Incident Response

·        In the event of an issue related to the security of the Squarespace platform, the Squarespace security team follows a formal incident response process.  

·        Squarespace analyzes identified or potential threats to Squarespace and its customers, and takes reasonable actions where necessary.

Squarespace Building and Network Access

·        Physical access to Squarespace offices and access to the Squarespace internal network is restricted and monitored.

Systems Access Control

·        Access to Squarespace systems is limited to appropriate personnel.

·        Squarespace subscribes to the principle of least privilege.

·        Squarespace’s access control policy applies to systems that Squarespace manages and maintains.  The Squarespace access control policy addresses control processes that include, but are not limited to:  

o   Account provisioning/decommissioning 

o   Authentication

o   Privileged account management

o   User identification

o   Access logging and monitoring

Security Risk Management

Threat intelligence and risk assessment are key components of Squarespace’s information security program. Awareness and understanding of potential (and actual) threats guides the selection and implementation of appropriate security controls to mitigate risk. Potential security threats are identified, and assessed for severity and exploitability. If risk mitigation is required, the security team works with relevant stakeholders and system owners to remediate. The remediation efforts are tested to confirm the new measures/controls have achieved their intended purpose.

Safeguards

Law Enforcement Request Policy

Squarespace respects the human rights of our customers and their end users. Squarespace implements a robust law enforcement request policy which is designed to ensure that all law enforcement, governmental and regulatory requests are valid and made in accordance with applicable legal process. Squarespace does not disclose data to law enforcement, regulatory or governmental bodies unless required by applicable law and objects to unlawful requests. If Squarespace receives a demand for Your Controlled Data (as defined in the Squarespace Data Processing Addendum), Squarespace will attempt to redirect the law enforcement agency or regulatory or government body to request such data directly from the relevant customer. If compelled to disclose or provide access to data to law enforcement, regulatory or governmental bodies or agencies, Squarespace will notify the relevant customer and provide them with a copy of the demand to allow them to seek a protective order or other appropriate remedy (except if such notification is legally prohibited, such as through a prohibition under criminal law to preserve the confidentiality of a law enforcement investigation). 

Data Privacy Frameworks

Squarespace transfers personal data to the US from, as applicable, the European Economic Area, Switzerland and the United Kingdom pursuant to the EU-U.S. Data Privacy Framework, the Swiss-U.S. Data Privacy Framework and the UK Extension to the EU-U.S. Data Privacy Frameworks (each individually and jointly, the “Data Privacy Frameworks”). We are committed to treating personal information received from the European Economic Area, Switzerland and the United Kingdom pursuant to the applicable Data Privacy Framework in accordance with the principles thereof (the “DPF Principles”). You can find our certification here and you can learn more about the Data Privacy Frameworks (as determined based upon the country from which the personal information was received) and DPF Principles by visiting https://www.dataprivacyframework.gov/.

In-House Security Protocols 

Recognizing the critical nature of robust cybersecurity, iQUANT.pro has integrated the following in-house security protocols, including Virtual Private Networks (VPNs) and comprehensive virus protectors.

Virtual Private Network (VPN)

A VPN is the linchpin of digital security. Here's how iQUANT.pro leverages VPN:

  • Data Encryption: All data transmitted through iQUANT.pro is encrypted. This means unauthorized entities find it nearly impossible to decipher any information, ensuring that user data remains confidential.

  • IP Masking: By masking IP addresses, iQUANT.pro guarantees user anonymity, ensuring that users' activities cannot be easily traced back to them.

  • Secure Remote Access: VPNs allow iQUANT.pro's team members to securely access the platform from remote locations, ensuring uninterrupted services for users while maintaining the highest security levels.

Virus Protectors

Virus protection is a fundamental defense layer against a multitude of cybersecurity threats.

  • Real-time Scanning: iQUANT.pro's virus protection tools continuously scan the platform to detect and neutralize any potential threats instantly. This ensures that vulnerabilities are addressed before they can be exploited.

  • Regular Updates: Cyber threats evolve rapidly. By regularly updating its virus protection tools, iQUANT.pro stays a step ahead of potential attackers.

  • Multi-layered Defense: Beyond just viruses, iQUANT.pro's protection tools are designed to ward off a variety of threats, including malware, spyware, and ransomware.

Daily Backup

iQUANT backs up its data daily, ensuring continuity and safeguarding against potential loss or corruption. This proactive measure minimizes disruptions and maintains reliability for users.

Conclusion

iQUANT prioritizes website security with industry-standard protocols such as SSL (Secure Sockets Layer) and HSTS (HTTP Strict Transport Security) for data encryption and secure browsing. Additionally, measures like clickjacking protection enhance user safety. Squarespace, the hosting platform, implements rigorous security measures, including data center security, encryption, and incident response protocols. In-house, iQUANT integrates Virtual Private Networks (VPNs) and virus protection for data encryption, IP masking, secure remote access, real-time scanning, regular updates, and multi-layered defense against cyber threats. Daily data backups ensure continuity and minimize disruptions for users.