Your Security—and Your Organization's Security—in Conductor
Your security and privacy are paramount to Conductor. Read below to learn what policies, practices, and controls we take to protect your business.
Conductor’s Security Policy
Refer to the Conductor Security Policy on our website for a full accounting of Conductor’s policies and practices regarding information security.
Certifications
Conductor has active ISO 27001 and SOC 2 Type 2 certifications.
Information Security Management System Policies and Procedures
Conductor maintains and follows all of the following ISMS policies and procedures:
|
|
Conductor’s Privacy Policy
Refer to the Conductor Privacy Policy on our website for a full accounting of Conductor’s policies and practices regarding privacy.
HIPAA and PCI Data
Conductor does not collect, store, or process any HIPAA or PCI data.
Personally Identifiable Information
Conductor’s collection of personally identifiable information (PII) is very limited, and includes only:
- Names and contact information of Platform Users for the purpose of provisioning credentials to our services. This can be anonymized if preferred.
- Platform User IP addresses, which customers can anonymize if preferred.
- Incidental collection of publicly available PII on a website (e.g., personal information on a bio page or product/service reviews that include the names of the reviewers).
Conductor does not collect any PII of our customers’ customers.
Two-factor Authentication
Conductor provides two-factor authentication (2FA) for users to help ensure a more secure and trusted experience for authenticating.
2FA adds an extra layer of security to the authentication process, making it harder for hackers to gain access to user accounts. By requiring users to provide a second form of authentication, such as a one-time code or biometric data, the likelihood of unauthorized access to the account is greatly reduced.
You can enable 2FA in your user profile.