Trust Center

Start your security review
View & download sensitive information
Ask for information
Search items

Overview

vFairs provides a cloud-based platform that businesses can use to host their events in-person, online and in a hybrid mode. We take security seriously and have implemented best-in-class security and data protection practices to keep customer data safe. Use this portal to learn about our security and compliance posture and request full access to our security documentation.

Email us at security@vfairs.com if you have any additional questions related to security not answered by this page.

Email us at privacy@vfairs.com if you have any questions related to privacy concerns, data subject access requests, Data Protection Agreements, etc.

Compliance

CCPA Logo
CCPA
GDPR Logo
GDPR
ISO 27001 Logo
ISO 27001
ISO 27001 SoA Logo
ISO 27001 SoA
Microsoft SSPA Logo
Microsoft SSPA
PCI DSS Logo
PCI DSS
SOC 2 Logo
SOC 2
VPAT Logo
VPAT
ISO 9001 Logo
ISO 9001
Start your security review
View & download sensitive information
Ask for information

vFAIRS is reviewed and trusted by

Cornell University-company-logoCornell University
MarineMax-company-logoMarineMax
Nestlé-company-logoNestlé
Procter & Gamble-company-logoProcter & Gamble
Sage-company-logoSage
Teradata-company-logoTeradata
Unilever-company-logoUnilever
VMware User Group-company-logoVMware User Group
Yale University-company-logoYale University
Junior Achievement USA-company-logoJunior Achievement USA
T-Mobile-company-logoT-Mobile
Accessibility Conformance
Network Diagram
Pentest Report
Service Level Agreement
SOC 2 Report
GDPR
ISO 27001
ISO 27001 SoA
ISO 9001
Microsoft SSPA
SOC 2
VPAT
CAIQ
HECVAT Full
Product Architecture
Cyber Insurance
Master Services Agreement
Cookies
Privacy Whitepaper
Acceptable Use Policy
Access Control Policy
Anti-Malicious Software Policy
Asset Management Policy
Backup Policy
Business Continuity Policy
BYOD Policy
Data Classification Policy
Data Security Policy
Encryption Policy
General Incident Response Policy
Information Security Policy
Network Security Policy
Password Policy
Physical Security
Risk Management Policy
Software Development Lifecycle

Risk Profile

Data Access LevelRestricted
Impact LevelModerate
Recovery Time Objective4 hours
View more

Product Security

Audit Logging
Data Security
Integrations
View more

Reports

Accessibility Conformance
Network Diagram
PCI DSS
View more

Self-Assessments

CAIQ
HECVAT Full

Data Security

Access Monitoring
Backups Enabled
Data Erasure
View more

App Security

Code Analysis
Credential Management
Software Development Lifecycle
View more

Data Privacy

Cookies
Data Breach Notifications
Data Into System
View more

Access Control

Data Access
Logging
Password Security

Infrastructure

Amazon Web Services
Anti-DDoS
BC/DR
View more

Endpoint Security

Disk Encryption
DNS Filtering
Mobile Device Management

Network Security

Firewall
IDS/IPS
Spoofing Protection
View more

Corporate Security

Email Protection
Employee Training
Incident Response
View more

Policies

Acceptable Use Policy
Access Control Policy
Anti-Malicious Software Policy
View more

Security Grades

Qualys SSL Labs
vfairs.com
A

Trust Center Updates

vFairs Maintains Effective Security Controls According to Recent SOC 2 Report

ComplianceCopy link

Texas, US – 01-Mar-2024– Today, vFairs announced that the company has undergone a System and Organization Controls (SOC) 2 examination resulting in a CPA’s report stating that management of vFairs maintained effective controls over the security, availability, and confidentiality of its Event Management Platform system. The engagement was performed by BARR Advisory, P.A.

A SOC 2 report is designed to meet the needs of existing or potential customers who need assurance about the effectiveness of controls used by the service organization to process customers’ information.

"We are delighted to share that vFairs' SOC 2 report confirms the robust controls we have implemented, effectively mitigating risks associated with security, availability, and confidentiality," stated Muhammad Younas, CEO of vFairs.

These controls are pivotal to our business and client relationships. Security measures ensure the protection of sensitive data and maintain the trust our clients place in us. Availability guarantees seamless and reliable access to our platform, supporting the uninterrupted flow of events. Confidentiality measures underscore our commitment to safeguarding proprietary information, demonstrating accountability to both our clients and stakeholders. This commitment to security, availability, and confidentiality aligns with our core values and underscores our dedication to providing a secure and reliable event management platform.

The following principles and related criteria have been developed by the American Institute of CPAs (AICPA) for use by practitioners in the performance of trust services engagements:

● Security: The system is protected against unauthorized access (both physical and logical). ● Availability: The system is available for operation and use as committed or agreed. ● Processing Integrity: System processing is complete, valid, accurate, timely, and authorized to meet the entity’s objectives. ● Confidentiality: Information designated as confidential is protected as committed or agreed. ● Privacy: Personal information is collected, used, retained, disclosed, and disposed of to meet the entity’s objectives.

A SOC 2 report is an internal control report on the services provided by a service organization to its customers and provides valuable information that existing and potential customers of the service organization need to assess and address the risks associated with an outsourced service.

Current and prospective customers interested in a copy of our SOC 2 report may contact privacy@vfairs.com or visit our security trust portal at https://security.vfairs.com

Published at N/A

Microsoft Supplier Security & Privacy Assurance (SSPA)

ComplianceCopy link

We are thrilled to announce that vFairs has successfully passed the Microsoft SSPA: Supplier Security & Privacy Assurance Program audit and will continue to be a certified Microsoft Supplier for the upcoming year!

A special shoutout to our audit partners at Geels Norton, an approved assessor for Microsoft SSPA, for their collaboration and diligence during the audit engagement.

This achievement reflects our steadfast commitment to upholding rigorous security and privacy standards, ensuring that our services not only meet but exceed industry benchmarks. vFairs is dedicated to providing a secure and compliant environment for all our clients, and this certification is a testament to our continuous efforts in prioritizing data security and privacy.

Published at N/A

vFairs is now ISO 27001 certified!

ComplianceCopy link

We are very proud to announce that we are now ISO 27001 certified, making vFairs one of the few platforms in our industry to meet the highest internationally recognized security standard.

What is ISO 27001? The International Organization for Standardization (ISO), is an independent, international organization that sets global standards for security and safety. In short, ISO consults experts all over the world to create standards that define what excellence looks like.

ISO 27001 is a part of the ISO 27000 family of standards related to information security. ISO 27001 requires a company to have an information security management system, which means having a documented process for managing sensitive company information, HR processes, and IT systems.

What does being ISO 27001 certified mean? Well, that means vFairs has a world-class information security management system in place! We have made improvements to our IT structure, security, training, risk assessment, and much more. We then went through the rigorous audit and certification process with the DAS CERTIFICATION, UK.— an ISO certification body.

What are the benefits to vFairs customers? Being ISO 27001 certified is a testament to the fact that vFairs prioritizes data security. But it also ensures the following: Customer data is rigorously protected. We assess, minimize, and eliminate risks and vulnerabilities. vFairs complies with the highest information security standard, making us compliant with other regulations. We are creating an internal culture of security within vFairs, so all employees prioritize information security by design. Operational excellence when it comes to our IT, HR, and information processes.

This certification is the latest milestone in our information security roadmap to continuously demonstrate our commitment to data security. vFairs strives to achieve operational excellence and world-class information security standards when it comes to our IT, HR, and information processes.

We understand that vFairs as the leading event-hosting platform is a partner to thousands of businesses all over the world, and we take that responsibility very seriously. Everyone at vFairs is deeply dedicated to protecting our customers’ data, and we’re very happy to have our ISO 27001 certification to prove it.

Published at N/A

Microsoft Supplier Security & Privacy Assurance (SSPA)

ComplianceCopy link

vFairs is excited to have completed the SSPA certification and attestation. As privacy and security grow in complexity, vFairs is leading the way in adopting the latest measures to ensure protection for our clients and employees. The Supplier Security & Privacy Assurance (SSPA) SSPA is a partnership between Microsoft Procurement, Corporate External and Legal Affairs, and Corporate Security to ensure privacy and security principles are followed by Microsoft suppliers. The scope of SSPA covers all suppliers globally that Process Personal Data or Microsoft Confidential Data in connection with that supplier’s performance (e.g., provision of services, software licenses, cloud services), under the terms of its contract with Microsoft (e.g., Purchase Order terms, master agreement) (“Perform,” “Performing” or “Performance”).

If you have any questions, please let us know or if you want a copy of our audited attestation, please email privacy@vfairs.com.

Published at N/A

Security Update - Log4j

IncidentsCopy link

As you may have seen in the news, a recent major security vulnerability was discovered with the popular logging utility Log4j.

After reviewing our logs, communicating with our vendors, and reading all the information that is publicly available, we have no reason to believe that any vFairs internal or customer data has been affected at this point in time. Should this change, we will communicate this to you as soon as we are able to.

As it stands, none of our code is written in Java, nor do we use any Apache tools throughout our entire tech stack.

Please feel free to reach out to us at privacy@vfairs.com if you have any questions or concerns.

Published at N/A

If you think you may have discovered a vulnerability, please send us a note.

Powered bySafeBase Logo