TC is an investor community with over half a million members registered. The platform offers market intelligence generated both by networking among thousands of investors, who share their investment ideas and exchange experiences ("crowd-sourced content"), as well as the provision of information related to the financial market in Brazil and the world. It also provides data analysis related to the macro scenario and the companies listed on the stock exchange that helps in better decision making. The third arm of the platform is financial education, with the offer of several courses (some of them free) for those who invest or want to start investing. The company's revenue is obtained through the sale of subscription plans, services and courses.
RI Prisma's customer portfolio includes a variety of capital companies, including public, closed capital, and investment funds. Such companies deal with classified information, which RI Prisma treats internally with segregation and total confidentiality, in accordance with the rules established in its nine pillars of information security:
Confidentiality: Limiting access to information to those who are authorized.
Integrity: Ensuring that information remains in its natural state and is not altered in any way.
Availability: Ensuring the information is readily available whenever it is required.
Prevention: Ensuring asset protection measures.
Detection: Ensure constant environment monitoring to quickly identify any incident.
Response: Determine the cause of the occurrence and take steps to prevent it from happening again.
Technology: Tools and applications used for the prevention, detection, and response.
Methods: Policies, regulations, and procedures to ensure information security.
Staff: All RI Prisma employees and other group's companies are structured, trained, and oriented towards information security.
With RI Prisma solutions, you will find exceptional performance in managing and preserving all shared data with complete accountability and security, allowing you to devote your attention to your company's strategic operations while we eliminate any security breaches.
We establish rules and guidelines to ensure independence, protection and maintenance of privacy, integrity, availability, and confidentiality of information owned and/or held by RI Prisma for all employees, customers, and service providers.
Granting and revocation access
We follow a workflow of analysis and approvals through a ticketing tool to grant and revoke access.
All RI Prisma systems are set up to demand the use of strong passwords and frequent updates.
Whether physical or logical, all access must be allowed only to authorized personnel to guarantee the segregation of activities and confidentiality of information.
RI Prisma carries out the entire process for the control of cybersecurity, which is: (i) management of security incidents of information; (ii) notification of incidents; (iii) prevention of leakage of information; (iv) penetration tests; (v) vulnerability scanning; (saw) incident reporting, among others.
Malicious Software control
All assets that are linked to the corporate network or use RI Prisma data must be secured with an anti-malware solution.
Automated audit trails are deployed for all RI Prisma system components.
Information storage and displacement
It is not allowed to share or store any kind of files or information stored in the RI Prisma directories.
Disaster Recovery and Business Continuity
Disaster recovery and business continuity practices were created to mitigate the effects and losses of information assets following a potential catastrophic occurrence.
Security tests are performed on a regular basis in our apps by our expert providers, with improvement recommendations.
RI Prisma performs the entire backup process, namely: (i) Full Backup from the Database every 24 hours; (ii) Differential Database Backup every 2 hours (both backups are saved to local disk with 3 month retention and replicated with our Google Drive for 6 months); (iii) Backup Portals Full are done weekly; and (iv) Backup Portals Differential are done daily (both backups are saved on local disk with 3 month retention and replicated with our Google Drive for 6 months).
RI Prisma complies with the General Data Protection Regulation as well as a Data Governance Policy, which aims at the treatment and control of personal data in electronic media, especially how this should be carried out processing, from data collection to disposal.
Monitoring are performed in real-time. Incidents are reported immediately to our team, prepared to intervene in any necessary negotiations.
We have an SLA of 99.98%. This means that your website is always up and being monitored by our systems.
Our servers have the following certifications: SOC 1 Type II,SOC 2 Type II, ISO 27001, PCI DSS, ISO 9001:2015 and ISO 22301.
The data center where the Workr application is located belongs to Equinix, which received Tier III Facilities certification. This certificate attests that the facilities meet the requirements for performing maintenance without the need for customer load shutdown, called concurrent maintenance.