Information Security Program

At Encoding.com, our Incident Response Plan is available on our company intranet for all employees to see. It details the Security Incident Response Team (SIRT), which is comprised of Members and Contingent Members from various groups within the company and contains information about the potential risks and what actions should be taken if faced with such risks. The Encoding.com Incident Response Plan outlines specific procedures to handle data breach, hack attempts, natural disasters, as well as who is part of the team that will take the lead in countering such threat and how the team members will communicate with each other and with the company. The Encoding.com Incident Response Plan is updated quarterly.

1. INFOSEC ORGANIZATIONAL STRUCTURE

500

2. PRIVACY POLICY

The Encoding.com Privacy Policy is public, regularly maintained, and can be found at https://www.encoding.com/privacy.

3. EMPLOYEE CONFIDENTIALITY

At Encoding.com all new hires are required to sign a confidentiality agreement. In addition to that, every time the security policy is updated, employees have to re-acknowledge the information security policy stating they are aware of the changes made. The process of asking employees to acknowledge the security policy helps keep all employees aware of the policy and further enforces a culture where information security is paramount. The Encoding.com confidentiality agreements protect not only the company but also the company’s customers from having its confidential or trade secret information disclosed without the company’s consent.

4. CHANGE CONTROL PROCESS

At Encoding.com the process for handling changes to systems and supporting infrastructure is part of our Change Management policy. The procedures related to change management are formally documented and are available to company’s personnel to promote adherence to standard Change Management processes. Encoding.com’s intranet-based project management application for tracking of change management processes and documentation helps track change details, responsibilities, and status of change requests and is Encoding.com’s primary Change Management system, used to facilitate change requests for both Encoding.com’s application and to supporting systems and infrastructure.

5. THIRD PARTY CERTIFICATIONS

Encoding.com ingests, temporarily stores and processes media in data centers within highly compliant public cloud data centers which maintain certifications from IS0, SOC, and PCI and are aligned with MPAA and CIS security frameworks. See https://aws.amazon.com/compliance for a complete list of certifications, laws, and frameworks.

6. DISASTER RECOVERY PLAN

Encoding.com maintains a Disaster Recovery Plan which includes the use of highly redundant and fault tolerant systems to maintain maximum uptime and additional plans are in place to recover from various disaster scenarios.

7. NOTIFICATION PROCEDURES

At Encoding.com affected customers are notified by the Encoding.com customer support team as appropriate. All Encoding.com customers are able to get a real-time update on platform status by visiting our platform status page at https://status.encoding.com. Additionally, users can subscribe to receive real-time updates via email or XML/JSON of any changes to the status of the Encoding.com service.

Through this same mechanism, users can also be made aware of any planned maintenance windows allowing them to get the most out of the Encoding.com platform with minimal disruption to their business.