Platform 3 Solutions Private Limited
Platform 3 Solutions helps enterprises manage, archive, and retire complex data landscapes with confidence. Our solutions are trusted by organizations handling large volumes of sensitive and regulated data across industries.
This Trust Center provides a transparent view of our data protection and governance practices. You can explore how we secure data, maintain compliance, and align with global standards through documented policies, third party certifications, and regulatory frameworks.
Compliance
ISO 27017:2015 ✅
SOC 2 ✅
PCI DSS Certified ✅
Cloud Security Alliance (CSA) ✅
Security Controls
Platform 3 Solutions maintains a comprehensive security program aligned with ISO 27001, SOC 2 Type II, CSA STAR, and PCI DSS. The following controls describe how we protect customer data and ensure the integrity, availability and confidentiality of the Archon platform.
1.Security Governance and Risk Management
- Enterprise Risk Management Framework
- Policies & Accountability Structure
- Periodic Risk Assessments & Reviews
2.Identity and Access Management
- Role-Based Access Control (RBAC)
- Multi-Factor Authentication (MFA)
- Periodic Access & Identity Reviews
3.Data Protection and Privacy
- Data Classification & Handling
- Data Loss Prevention (DLP) Controls
- Secure Retention & Deletion Procedures
4.Cryptography & Key Management
- AES-256 & TLS 1.2/1.3 Encryption
- Key Generation & Rotation Lifecycle
- Restricted Key Access Controls
5.Network & Infrastructure Security
- Network Segmentation & Firewalls
- Intrusion Detection & Prevention
- Secure VPN & MFA Remote Access
6.Cloud Security
- CIS Benchmark Configurations
- Least-Privilege Cloud IAM Policies
- Continuous Posture Management (CSPM)
7.Secure Software Development
- Security Design & Planning Reviews
- SAST & DAST Testing in CI/CD
- Mandatory Security Release Sign-off
8.Vulnerability Management
- Independent Penetration Testing
- SLA-Based Vulnerability Remediation
- Timely Security Patch Management
9.Incident Detection & Response
- 24/7 Event Monitoring & Alerting
- Documented Escalation & Containment
- Root Cause Analysis & Remediation
10.Logging and Monitoring
- Centralized Audit Log Management
- Tamper-Evident Storage Controls
- Near Real-Time Anomaly Alerting
11.Business Continuity & DR
- RTO/RPO Based Recovery Strategy
- Regular Disaster Recovery Testing
- Automated Data Backup Replication
12.Third-Party Risk Management
- Pre-Onboarding Security Assessment
- Contractual Data Protection Clauses
- Periodic Vendor Compliance Reviews
13.Physical & Environmental Security
- Badge-Restricted Data Center Access
- Fire & Environmental Safeguards
- Clean Desk & Media Handling Policies
14.Asset Management
- Critical Hardware & Software Inventory
- Sensitivity-Based Classification
- Secure Data Wiping & Disposal
15.Change Management
- Formal Change Request & Approval
- Non-Production Environment Testing
- Documented Rollback Procedures
16.Human Resources Security
- Pre-Employment Background Checks
- Annual Security Awareness Training
- Confidentiality & Usage Agreements
17.Ethics & Regulatory Compliance
- Anti-Bribery & Conduct Policies
- Legal Obligation Tracking
- Whistleblower Protection Mechanisms
