Cilio CiO passes Lowe’s data protection audit; earns approval to continue connecting to IMS

Cilio Technologies passes rigorous security audit, continuing to make data protection a top priority

By Randy Olejnik, CEO and president

In a statement to PROviders earlier this summer, Lowe’s said they would be reviewing how third-party installation management software providers process certain data related to Lowe’s installation programs.

We are proud to say that, after a thorough review by Lowe’s Services and IT Security team, aided by two external security vendors, Cilio CiO and our Partners Portal Platform have been “cleared and approved to continue receiving APIs from Lowe’s.” 

This was an important and rigorous security review by Lowe’s to minimize risk to themselves, their PROviders, and customers.

Security is an ongoing battle of planning and preparing for ‘what if’ scenarios and increasingly common attacks. Our security team is always working to stay ahead of the ‘bad guys,’ and audits like this help us stay on track and continuously improve. Since we started providing SaaS solutions, we have not had a single security breach, and we want to keep it that way!

Lowe’s evaluated vendors on several criteria including:

  • Use of an industry-standard security framework
  • Governance and ownership of a security policies, standards, and procedures
  • Physical and environmental security
  • Network and system security
  • Data security
  • Access control
  • Incident management

Data security is a foundational pillar of CiO and Partners Portal

When you use Cilio CiO or Partners Portal technology to manage your business, you can be sure that the security of your data in our systems is a top priority.

Strict security measures: We originally built our platform for large countertop manufacturers that, as publicly traded entities, are required to audit vendor security protocol regularly. Since the beginning, we have been held to strict security measures that continue to drive our security policies and procedures. 

Monitoring and disaster recovery: Today with our cloud-based hosting providers we provide superior monitoring of our services 24/7, year-round.  We feature several layers of backup and hot servers ready to switch to in the event of a disaster.  Our disaster recovery procedures are tested every 6 months to ensure it is ready to go.  Within 15 minutes we could be operational on a completely new set of servers located in a different state.

Security audits: Though we have minimal personally identifiable information (PII) in our databases, we protect it with the highest standards and conduct quarterly and annual audits of our security processes. In addition to our own audits and testing, we participate with our larger, publicly traded clients in their annual security audits.  

You own your data: At Cilio, we treat your data and information with the same security as if it were our own.  And though we work hard to provide the best services to our clients and hope they continue to work with Cilio; we recognize that they can select other services that may fit their needs. Your data is always yours and if you must switch to a different vendor, we will do what it takes to make the transition as smooth as possible for your company.

Experienced leadership: Our VP of Security and Infrastructure, Allen Klumpp has headed up our security program since the beginning. Allen has a background in the medical technology field, where data protection is highly regulated and very strict.  Allen is always looking for ways to improve our security procedures.

Questions?

Our Privacy Statement and Data and Information Policies are available to our clients for review.  These documents are kept up to date as we continue to make improvements.

If you want to know any more detail about our security program, please reach out any time. I’m happy to answer your questions: rolejnik@ciliocio.net.