Our Commitment to Information Security

Mittera is committed to maintaining the security, confidentiality, integrity, and availability of the data our customers entrust to us. Our secure printing environment features a robust set of security controls and processes to protect the transmission, processing, and storage of sensitive data throughout its lifecycle.  Most of those same protocols already exist throughout the Mittera environment ensuring the safety of customer data across the company; these protections include, but are not limited to:

• Strong information security program as evidenced through:
  • Comprehensive set of information security policies that are thoroughly reviewed and tested by a third-party security partner
  • Routine training on email phishing, phishing campaigns to test users’ response to threats, and reporting of these threats
  • Ongoing risk management cycle which involves identifying, reviewing, mitigating and/or accepting risk within the environment
• IT Asset Management: agents are deployed on employee workstations and production servers that provide Mittera Group’s IT team with up-to-the-moment information about their secure environment. These agents alert over devices that are not in compliance with their hardened security policies.
• System Maintenance (Patch Management): Mittera Group deploys the latest security patches and upgrades to critical systems within their environment within 30 days of release. These patches are applied to both the operating system and third-party applications and services.
• Secure FTP (SFTP) servers: all data ingestion occurs through hardened SFTP endpoints to ensure secure and encrypted transmission of data.  These servers are regularly monitored for access control and secure transmission to the production printing environment. To ensure secure transmission of sensitive information, customers are encouraged to provide data through this secure portal.
• Access control methodology: Mittera employs both strict role-based access control and least privilege principles to limit information access to only authorized individuals.
• Mobile security: Mittera employs Multi-Factor Authentication (MFA) for devices not physically present on the network.  Additionally, Mittera uses Mobile Application Management (MAM) to secure mobile endpoints.
• Firewall protection: next-generation firewall systems are in place at each facility to protect internal systems from untrusted networks and intrusions. These firewalls are centrally managed, reviewed frequently, and feature advanced threat protection solutions.
• Physical security: all facilities are physically protected by a badge access system. Access to printed product and IT systems are restricted to authorized personnel. A Visitor Management System ensures authorized access for any non-employee entering a Mittera location.
• Anti-malware: All assets have a next-generation anti-virus solution deployed and centrally monitored. Systems that detect malicious software automatically quarantine themselves and alert Mittera’s SOC team.
• Hardened configuration policies: employee workstations and servers are protected using advanced threat protection policies; these configurations have been reviewed and approved by MIttera’s third-party information security partner.

The above controls have been configured and implemented across all printing facilities within Mittera’s network to ensure the protection of customer data against cyber security and physical presence threats. Securing our customer’s data is of paramount importance to our organization. Please direct any further questions you may have to security@mittera.com.