Red Cup IT has implemented best-in-class security practices to keep customer data safe. Our mission is to build the world's most secure and advanced MSP platform, where security by design is the default way that we operate. We're laser-focused on how to leverage security as an enabler of a better user experience for our customers. Privacy and data security best practices are embedded in our policies, training, and daily operations.
Trust Center Updates
Red Cup IT Not Impacted by MOVEit VulnerabilitiesVulnerabilitiesCopy link
Recently, the security team here at Red Cup IT became aware of the news surrounding a high-impact MOVEit vulnerability. Reputable threat intelligence sources have reported that this incident impacts customers of this solution: https://www.securityweek.com/moveit-customers-urged-to-patch-third-critical-vulnerability/.
We want our customers to know that this vulnerability does not impact Red Cup IT.
We do not leverage this technology/software within our product, and therefore the confidentiality, integrity, and availability of our systems remain unharmed.
Thanks, and please reach out with any questions. Team Red Cup IT
Confirmation of no impact from CircleCI's January 2023 security incidentGeneralCopy link
Red Cup IT does not use CircleCI for continuous integration and continuous delivery.
Microsoft ExchangeGeneralCopy link
Red Cup IT does not use Microsoft Exchange Server (Cloud or On-Premise)
Confirmation of no impact from Okta’s January 2022 CompromiseIncidentsCopy link
At Red Cup IT, Inc., transparency with our clients and maintaining our customers' trust are critical to who we are. As you’ve likely heard in the news, Okta released a statement on March 22nd, 2022 regarding a security incident that may have affected their customers. Red Cup IT, Inc. leverages Okta as an authentication provider for internal authentication. Our team has received notice from Okta that neither we nor our customers were affected by this incident.
Log4j VulnerabilityIncidentsCopy link
Red Cup IT, Inc. can confirm that within 24 hours of publishing CVE-2021-44228 in our vulnerability database all services that compose our platform running Apache’s vulnerable Log4j library have been patched to the latest version. We have not detected any successful attempts at exploitation of this attack vector during that time window. Red Cup IT, Inc.'s security response to events pertaining to the Log4j remote code execution vulnerability (RCE) is also strengthened by our defense in depth that leverages network-based firewalls, web application firewalls, and anomaly detection with our platform environment.