A Strong Security Foundation Starts With a Smart InfoSec Program
One of the first stages of security maturity for organizations is simply getting secure. This starts with an Information Security Program– the policies and controls that form the foundation of your security as a company. Maybe you just started your company and want to get the essential security controls in place. Maybe you’ve already been hacked. Regardless, getting secure can be done by taking practical steps, with expert guidance, to ensure you’re covering the basics in your security posture.
For Startups That Care About Security
Tugboat Logic Essentials is a security policy framework designed to simplify the process of creating your InfoSec program. These policies and controls are modeled after best practices from the Center for Internet Security and the Cloud Security Alliance and cover all seven categories of risk: Customer, Governance, People, Regulatory, Resilience, Technology, and Vendor Management. Essentials will help you get through this first stage of maturity quickly and painlessly, while providing you with an InfoSec program you can proudly stand behind.
Bonus: when you decide to get your SOC 2 or ISO 27001 report, you’ve already done 30% of the work
What’s Included in Tugboat Logic’s Essentials
10 policies and 24 controls modeled after industry best practices: Your policies are the instructions for what actions need to be taken in order to make sure the control is always in place. Your controls are designed to prevent the risk from occurring.
Built-in guidance to help implement all your policies and controls: We’re not going to just hand you a bunch of static templates. We give you the instructions to set up your controls in plain English and offer in-app support.
Pre-written policy and control content for your InfoSec documentation: Instead of trying to create these from scratch, we have them prebuilt based on industry best practices. And you can edit them, too, to make them your own.
InfoSec documents you can generate on demand and share directly from your dashboard: Once you change anything in your InfoSec program, this will effect other things. Sending a document directly from your Tugboat Logic dashboard ensures that it’s up-to-date. No data silos!
Everything In One Place
Tugboat Logic allows you to manage your policies and controls in one, easy place. From your Readiness Project, you have full visibility into which policies need reviewing, which controls you need to work on, and what has been completed. Since everything is centralized, all your policies, controls, and supporting InfoSec documentation are always in sync and up-to-date. Additionally, when you’re ready for your first SOC 2 or ISO 27001 audit, all this work is applicable and transferable!
How it Works: Three Simple Steps
- Get Your Roadmap
Tugboat Logic Essentials provides you the highest priority policies and security controls needed to keep you and your customer’s data secure.
- Set Up Your Security
As you go through implementing each control, we tell you what the control is about, why you need it, and provide a step-by-step roadmap on how to actually implement it.
- Share Your InfoSec Program
When all controls have been completed, you can generate and share a report directly from your Security Assurance Portal in your dashboard. This report is comprised of your InfoSec policies and controls and can be customized according to detail you wish to include.
Customer Success and Support
We pride ourselves on our team of experts and helping startups achieve their security goals. For this reason, you’ll get one kickoff session along with one bi-annual review with an account manager. With Essentials, you’ll get prescribed 10 policies and 24 controls. We’ll show you how to get started and where you can go for help and support within the platform or in our online community.
What Else is Included With Tugboat Logic Essentials
The Tugboat Logic Security Assurance Platform is designed to grow with your business needs. As a result, we provide a holistic approach to security rather than a modular one. Our goal is that any company, no matter what size, has everything they need when they need it to stay secure and compliant.
Evidence Collection: when you’re ready to do your SOC 2 or ISO 27001 audit, you will need to provide evidence that you have proper controls in place. So not only does Essentials provide you policies and controls, but it also allows you to set up evidence collection using our technology partner integrations. Also included are AutoVerify alerts and our Chrome extension for evidence that requires manual collection.
Vendor Risk Management: VRM allows you to keep track of all the vendors you work with. This helps you keep track of all the security questionnaires that you’re pushing out to them. You can store all their attachments, supporting documents, and contracts here.
Security Questionnaire Response: Answer RFPs and security questionnaires in minutes using Tugboat Logic’s “Auto-Answer” RFP Management Module. The industry’s only “security enabled” RFP management system; Tugboat Logic helps create more credible responses, quickly, so you can sell more and win more.
Awareness Training: We provide all of the policies for your employees to review. They get to go through all the different policies, read through each one and then move on to the next one. We let you know who’s completed their training and who hasn’t started