For the best web experience, please use IE11+, Chrome, Firefox, or Safari
Free Trials Request Pricing
Home / Legal / Trust & Security

Trust & Security

Quest‘s corporate information security practices and standards are designed to safeguard Quest’s corporate environment and to address business objectives across information security, system and asset management, development, and governance. These standards, policies and practices are reviewed at least annually. All revisions are approved by Quest’s executive management. Copies of Quest’s policies related to information security are available from this website.

Quest‘s data privacy and information security program includes policies, standards and procedures for physical and logical access restrictions, data classification, access rights, credentialing programs, record retention, data privacy, data minimization, information security and personal data treatment in accordance with GDPR, CCPA, and other applicable privacy regulations.

Data Breach Response Policy

View our commitments to notify as soon as possible.
Learn More

Information Security Policy

View corporate policy for information security.
Learn More

Technical & Organizational Measures

View a summary of corporate controls for protecting data.
Learn More

Secure Processing, Transferring, and Storing of Your Data

Secure Processing, Transferring, and Storing of Your Data

Quest takes information security seriously in its processing and transfers of Personal Data. This information security overview applies to Quest’s corporate controls for safeguarding Personal Data which is processed by Quest or its affiliates and/or transferred amongst Quest’s group companies.

Availability is a Security Concern, too

Denial of Service and cyber-locking or ransomware are prevalent threats. Quest takes a variety of steps to protect the availability of your data, including extensive use of replication and backups, as well as physical and logical access controls. View our Technical and Organizational Measures to learn more.

Key Compliance Standards for Securing Data and Services

GDPR

GDPR

ISO 27001

ISO 27001

NIST

NIST

Common Criteria

Common Criteria

How we work

Supporting growth in a technology-driven world. Quest and One Identity know the value of providing secure and trustworthy products to the marketplace. Our extensive history of designing products that help customers mitigate and prevent insider threats in complex network environments was born out of an engineering focus on quality and security. Through our strategies, standards and practices, we implement a secure software development lifecycle and a comprehensive information security management framework that combine to provide secure products across a wide spectrum of diverse product offerings.
Secure SaaS Delivery
Product Security

Enterprise-class SaaS services and delivery

The Quest Approach:

Our strategy is based on the following fundamental principles:

  • Secure product delivery requires an intense focus on confidentiality, integrity and availability of data.
  • As versions are developed, identify and eliminate vulnerabilities that provide exploitation opportunities.
  • All supply chain components must be tested and proven genuine, and to not contain any unwanted functionality.

Supply chain security at Quest and One Identity focuses on minimizing risks to customers by taking preventative steps to reduce the likelihood that our products contain vulnerabilities, hidden malicious code or backdoors inserted by threat actors.

For More Information:

We have additional product line supply chain security information with details on specific products. For more information, please contact your Quest or One Identity account manager.

Information about Quest and One Identity products can be found at https://quest.com/solutions/.

Our contact details are available at https://www.quest. com/company/contact-us.aspx.