Trust Center

Start your security review
View & download sensitive information
Ask for information
Search items
ControlK

Overview

Red Cup IT has implemented best-in-class security practices to keep customer data safe. Our mission is to build the world's most secure and advanced MSP platform, where security by design is the default way that we operate. We're laser-focused on how to leverage security as an enabler of a better user experience for our customers. Privacy and data security best practices are embedded in our policies, training, and daily operations.

Compliance

CCPA Logo
CCPA
CSA STAR Logo
CSA STAR
GDPR Logo
GDPR
HIPAA Logo
HIPAA
NIST CSF Logo
NIST CSF
PCI DSS Logo
PCI DSS
SOC 2 Logo
SOC 2
CMMC Logo
CMMC
Cyber Essentials Logo
Cyber Essentials
ISO 27001 Logo
ISO 27001
ISO 27001 SoA Logo
ISO 27001 SoA
Start your security review
View & download sensitive information
Ask for information

Red Cup IT is reviewed and trusted by

Chainalysis-company-logoChainalysis
Chosen Foods-company-logoChosen Foods
Curative-company-logoCurative
Gradient MSP-company-logoGradient MSP
healthOme-company-logohealthOme
Humble Juice Co.-company-logoHumble Juice Co.
Kailos Genetics-company-logoKailos Genetics
Libertas Funding-company-logoLibertas Funding
Maiden Century-company-logoMaiden Century
MaryRuth Organics-company-logoMaryRuth Organics
Nicotine River-company-logoNicotine River
Paderia-company-logoPaderia
Senteon-company-logoSenteon
Smarty Social Media-company-logoSmarty Social Media
ZeroTek-company-logoZeroTek

Documents

SOC 2 Report

Risk Profile

Data Access Level
Impact Level
Recovery Time Objective
View more

Reports

HIPAA Report
Network Diagram
PCI DSS
View more

Self-Assessments

CAIQ Lite
SIG Lite

Data Security

Access Monitoring
Backups Enabled
Data Erasure
View more

App Security

Responsible Disclosure
Bot Detection
Code Analysis
View more

Legal

Subprocessors
Master Services Agreement
Privacy Policy
View more

Data Privacy

Cookies
Data Breach Notifications
Data Privacy Officer
View more

Access Control

Data Access
Logging
Password Security

Infrastructure

Amazon Web Services
Anti-DDoS
Azure
View more

Endpoint Security

Disk Encryption
DNS Filtering
Endpoint Detection & Response
View more

Network Security

Data Loss Prevention
DNSSEC
Firewall
View more

Corporate Security

Asset Management Practices
Email Protection
Employee Training
View more

Policies

Acceptable Use Policy
Access Control Policy
Anti-Malicious Software Policy
View more

Security Grades

SecurityScorecard
Website
Security Scorecard A grade
CryptCheck
redcupit.com
HSTS Preload List
redcupit.com
View more

Trust Center Updates

Red Cup IT Not Impacted by MOVEit Vulnerabilities

VulnerabilitiesCopy link

Recently, the security team here at Red Cup IT became aware of the news surrounding a high-impact MOVEit vulnerability. Reputable threat intelligence sources have reported that this incident impacts customers of this solution: https://www.securityweek.com/moveit-customers-urged-to-patch-third-critical-vulnerability/.

We want our customers to know that this vulnerability does not impact Red Cup IT.

We do not leverage this technology/software within our product, and therefore the confidentiality, integrity, and availability of our systems remain unharmed.

Thanks, and please reach out with any questions. Team Red Cup IT

Published at N/A

Confirmation of no impact from CircleCI's January 2023 security incident

GeneralCopy link

Red Cup IT does not use CircleCI for continuous integration and continuous delivery.

Published at N/A

Microsoft Exchange

GeneralCopy link

Red Cup IT does not use Microsoft Exchange Server (Cloud or On-Premise)

Published at N/A

Confirmation of no impact from Okta’s January 2022 Compromise

IncidentsCopy link

At Red Cup IT, Inc., transparency with our clients and maintaining our customers' trust are critical to who we are. As you’ve likely heard in the news, Okta released a statement on March 22nd, 2022 regarding a security incident that may have affected their customers. Red Cup IT, Inc. leverages Okta as an authentication provider for internal authentication. Our team has received notice from Okta that neither we nor our customers were affected by this incident.

Published at N/A

Log4j Vulnerability

IncidentsCopy link

Red Cup IT, Inc. can confirm that within 24 hours of publishing CVE-2021-44228 in our vulnerability database all services that compose our platform running Apache’s vulnerable Log4j library have been patched to the latest version. We have not detected any successful attempts at exploitation of this attack vector during that time window. Red Cup IT, Inc.'s security response to events pertaining to the Log4j remote code execution vulnerability (RCE) is also strengthened by our defense in depth that leverages network-based firewalls, web application firewalls, and anomaly detection with our platform environment.

Published at N/A

If you need help using this Trust Center, please contact us.

Contact Support

If you think you may have discovered a vulnerability, please send us a note.

Report Issue
Powered bySafeBase Logo