Save 30% on TSIA World INTERACT with code ORL25-EB30!
Register now
TSIA brand logo
About UsWhat We Do
What We Offer

Industries we serve

Stand out in your industry with TSIA’s proven data and research.

IT Infrastructure and Services

SaaS and Software

Industrial Equipment

Healthcare Technology

Research areas

TSIA provides exclusive data, business frameworks, and expert advice in all areas of technology to help your organization achieve profitable growth.

CRO Council

A research-driven executive community focused on growing and optimizing XaaS revenue across the customer lifecycle.

Customer Growth and Renewal

Leverage your existing accounts to grow and sustain subscription revenue across the entire customer life cycle.

Customer Success

Create and implement a data-driven customer success strategy with the world’s largest library of customer success data, best practices, and more.

Education Services

Make the most of learning content, programs, and offers in order to drive product adoption, expansion, and renewal.

Executive Leadership

Leverage TSIA's data-driven insights and resources to make strategic decisions, optimize operations, and drive your company's growth.

Field Services

Helping companies with equipment on customer premises optimize service delivery and drive digital transformation.

Managed Services

Grow your business’ managed and XaaS revenue across the customer lifecycle—profitably and sustainably.

Offering Management

Utilize deep industry insights tailored to create compelling service and product offers, converge portfolios, optimize pricing, and more.

Professional Services

Optimize your business with formalized charter and strategy and delivering solutions with efficient operations.

Support Services

Maximize your organization’s service efficiencies and optimize its overall customer experience.
Insights

Insights

Check out our latest insights and go beyond learning about the latest industry trends—make them work for you.

Featured Insights

Get inspired, find out what’s trending, and discover what’s next in the technology and services space on the TSIA Portal.

TSIA Research Journeys

Answering your biggest unsolved industry challenges and delivering validated, board-ready insights designed to empower every tech company.
Membership Options
Community

Community

Connect with a diverse and inclusive network of other industry professionals who have solved the same challenges you’re facing.

TSIA Discussions

A community for Product, Sales, and Services teams to navigate business challenges together.

Advisory boards

Meet the hand-picked experts who work with TSIA research and leadership to address critical issues, trends, and opportunities.

Conference

Drive innovation and elevate your business at TSIA World, the premier tech and services conference.

Partner with TSIA

Share your company’s vision of the future with the biggest names in tech, and engage with prospects within the TSIA community.

Partner directory

Check out the technology and services organizations that are currently benefiting from membership.

STAR Awards

Establish your company as among the best in the industry and receive recognition on your team’s most impactful achievements.
Blog

Blog

Your source for the latest trends impacting your industry.

For executives

For department leaders

For managers

Get started for free
Let's talk
Sign in
Get started for free
Let's talk
Legal and Privacy Information
Privacy PolicyCalifornia Consumer Privacy ActCalifornia Privacy Rights Act of 2020Online Code of ConductCopyright InfringementOnline User AgreementMembership Terms of ServicePartnership Terms of ServicePartner Program PackageConference Registration Terms and ConditionsConference Code of ConductInformation Security MeasuresBenchmarking Data Protection MeasuresSubprocessor List
Navigation
Privacy PolicyCalifornia Consumer Privacy ActCalifornia Privacy Rights Act of 2020Membership Terms of ServicePartnership Terms of ServicePartner Program PackageConference Code of ConductConference Registration Terms and ConditionsMember Conference Voucher UpdateInformation Security MeasuresBenchmarking Data Protection MeasuresSubprocessor List

TSIA Information Security Measures

Information security and data privacy are critically important goals for TSIA. Our information security measures meet the highest standards in the industry.

Compliance

For registrations made by TSIA members using a non-voucher payment type (i.e., credit card), registrants may request that a voucher be applied and a refund issued back to the original form of payment.

SOC 2

TSIA is SOC 2 compliant for 2023 with the American Institute of CPAs (AICPA), which specifies how organizations should manage customer data. The standard is based on the following Trust Services Criteria: security, availability, processing, integrity, confidentiality, and privacy.

‍

Policy

TSIA’s Information Security Policy is aligned with the NIST Cybersecurity Framework; an outline of the Policy is available upon request. TSIA’s data practices are described in our Privacy Policy and in our Membership Terms and Conditions.

Training

TSIA creates a culture of information security through semi-annual security awareness training and on-demand recordings. TSIA’s Information Security Policy details the components of the training plan. Training resources are posted on the company intranet. All new hires are required to read the information security policy and undergo information security training via the on-demand recordings.

Audit

Annual audits of TSIA’s internal and external network and physical security, including penetration testing, are performed by an independent contractor utilizing the NIST Cybersecurity Framework 800.53. The auditor provides TSIA with a letter of attestation. Should there be a need to remediate, the auditor prioritizes the issues by severity level in an executive summary. Attestation of the most recently completed audit is available upon request.

Incident Response

TSIA has a standardized process for responding to security incidents. When a security incident is suspected, teams are notified and a central communication channel is established. If TSIA believes that confidential or personally identifiable information has been accessed or modified by an unauthorized third party, we take all necessary steps to notify the affected individuals/companies as quickly as possible, and in no case greater than two business days after we learn of the breach. In our communications, we include the following information:

  • How the information was accessed (i.e., viewed, modified, etc.)
  • The actual information accessed
  • What we are doing to mitigate the access
  • What corrective actions we will take to prevent future breaches

After an incident, we conduct a post-mortem analysis to identify root causes and track any related follow-up work.

Infrastructure Security

Our infrastructure security efforts focus on providing the underlying tools, systems, processes, and knowledge resources to operate secure and privacy-protecting systems.

Physical Security

Access to TSIA office working spaces, both external and internal, is strictly controlled with location-specific key cards and supporting administrative procedures.

Storage and Transmission

All of TSIA’s infrastructure runs in the cloud; Rackspace is our primary service provider. See Rackspace Security for more information regarding their managed security measures.

Network Isolation

TSIA limits external access to network services by running them inside a Virtual Private Cloud (VPC) and blocking all unnecessary ports from external traffic. Access to our production network is limited to necessary personnel, logged, and secured using VPN connectivity. We use Cisco firewalls to control VPN access and available ports.

Threat Detection

TSIA utilizes AT&T’s Cybersecurity Security Information and Event Management (SIEM) solution for continuous monitoring, alerting and response processes for suspicious activity occurring in our infrastructure.

Vulnerability Scanning

TSIA uses automated security scanning tools to notify us quickly of changes in our infrastructure that may result in a security issue. The results of these scans are regularly triaged by our IT department and the Rackspace dedicated support team.

Third Party Vulnerability Management

TSIA regularly monitors global vulnerability feeds, including the Threat Exchange and various security-related forums, as well as security release information for software in our stack. When a vulnerability that affects us is released, we prioritize the rollout of the patch based on the severity, or impact, of the vulnerability in question.

Patching

TSIA, along with Rackspace Managed Services, regularly updates our operating systems images, container images, language runtimes, and language libraries to the latest known supported versions.

Logging

TSIA maintains a centralized log for product and infrastructure events and metrics. All system-level actions performed in production environments with administrator permissions are logged.

Encryption

TSIA encrypts all confidential and Personally Identifiable Information (PII) in transit outside of our private network and at rest in our private network.

Disaster Recovery

TSIA’s website is hosted in a Rackspace data center on two hypervisors for a high-availability failover. Should the Rackspace data center succumb to natural disaster where failover is not an option, TSIA has a “cold site” solution that would spin up a new infrastructure and restore our backups in 48 hours.

End User Security

The goal of our IT security practices is to make employees more productive while also providing them the tools they need to do their job safely and securely.

Access

TSIA has an internal classification standard that describes the different types of data that our employees work with and how that data should be handled and by whom. TSIA practices the Principle of Least Privilege (PLP) with regard to access to systems and data. Accounts are activated when an employee joins and deactivated when an employee leaves, using automated processes where possible.

Acceptable Use

TSIA employees are authorized to access corporate systems, data, and applications via corporate end user devices only. Corporate end user devices include laptops, notebook computers, and cell phones.Our Mobile Device Policy describes best practices for device configuration and software usage. It mandates network connectivity, website usage, full disk encryption for all devices that have access to sensitive data, the use of screen locks after a period of inactivity, and remote wipe capabilities. It also describes our permitted software and software update practices.

Device Security

TSIA utilizes endpoint encryption on all end user devices from BitLocker (PC) and FileVault (Mac) and protects them from malware and viruses with software from BitDefender. Should there be any issues with a machine, we have the ability to remove any apps or remote wipe via Cisco’s Meraki MDM. All data is backed up and encrypted in the cloud by Carbonite. External hard drives are not authorized for use by TSIA employees.

Password Protection

TSIA requires all employees to store their passwords in a password management system. This system allows IT insight into the strength of passwords and, when it occurs, the reuse of passwords. Strong and unique passwords are required for all corporate end user devices and applications. In addition to password management, TSIA configures SSO with those applications/cloud services that allow such a configuration.

Authentication

Access to corporate applications, including email, is governed by two-factor authentication.

Third Party Software

All requests to install third party software must be made to IT and approved by the requesting party’s supervisor. Once approved by IT, the software is pushed to the user’s machine via Cisco Meraki MDM software.

TSIA (Technology & Services Industry Association) is dedicated to helping technology and services organizations large and small grow and advance in the technology industry. Find out how you can achieve success, too. Call us at 800-876-6511 or we can call you.

Our research areas

CRO CouncilCustomer Growth and RenewalCustomer SuccessEducation ServicesExecutive LeadershipField ServicesManaged ServicesProfessional ServicesOffering ManagementSupport Services
Industries we serveIT Infrastructure and ServicesSaaS and SoftwareIndustrial EquipmentHealthcare Technology
ConferenceAgendaEventsNetworkingPricingSponsorsTracksTravel

Community

Partner DirectoryPartner ProgramStar AwardsTSIA Discussions

Blog

For executivesFor department leadersFor managers
Who We AreWhat We DoFeatured InsightsConferenceBlogNewsroom
© 2024 Technology & Services Industry Association (TSIA). All rights reserved worldwide.
Legal and Privacy    |    Email Preferences    |   Do Not Sell My Information