SECURITY, PRIVACY AND COMPLIANCE

We Take Data Security Seriously

At Sounding Board, our top priority is keeping our customers, coach, and coachee data secure. We employ rigorous security measures at the organizational, architectural, and operational levels to ensure that your data remains safe.


Organizational Security

Security is a focus for everyone at Sounding Board. All employees receive security and privacy training in their first two weeks at Sounding Board to keep both Sounding Board and customer data safe and secure. Every year, we work with our team to ensure that they understand the importance of security and, crucially, how to make security a practical, everyday part of their work.

Our security and privacy team ensures that security awareness and initiatives continually permeate the organization.

 

Architectural Security

Data Encryption

Sounding Board encrypts all customer data while it is at rest. That means that when the data is not being used or accessed, it’s encrypted to be safer and more secure. This is a fundamental design characteristic of the Sounding Board technology. We use the Advanced Encryption Standard (AES) algorithm with a key size of 256 bits, and the keys are managed by our database provider (MongoDB).

Transport Layer Security (TLS) protects user access via the internet, helping to secure network traffic from passive eavesdropping, active tampering, or message forgery. We utilize 128-bit SSL encryption for this.

Single-Sign-On Support

SAML 2.0 allows for a seamless, single-sign-on experience between the customer’s internal web portal and Sounding Board. Customers log in to their company’s internal web portal using their enterprise username and password and are then presented with a link to Sounding Board, which automatically gives customers access without having to log in again.

Sounding Board Native Login

Sounding Board offers a username/password for our Native Login. Your email is your unique identifier in the system. Sounding Board requires users’ passwords to meet the following requirements:

  • More than 8 characters
  • One uppercase letter
  • One lowercase letter
  • One symbol (!@#$%^&*, etc.)
  • One number (1234567890)

Physical Security

Sounding Board applications are hosted on the Google Cloud Platform (GCP). Google Cloud Platform’s physical security controls are reviewed annually as part of Sounding Board’s vendor management program.

Network Security

Sounding Board has established detailed operating policies, procedures, and processes designed to help manage the quality and integrity of the Sounding Board environment. Google Cloud Platform firewall rules are configured to block unauthorized inbound network traffic from the internet. In addition, monitoring software is used to identify vulnerabilities and security events on the network, servers, and database and is configured to alert personnel of possible or actual security breaches.

Application Security

Sounding Board has implemented an enterprise Secure Software Development Life Cycle (SDLC) to help ensure the continued security of Sounding Board applications.
This program includes an in-depth security risk assessment and review of Sounding Board features. In addition, static source code analyses are performed to help integrate enterprise security into the development lifecycle. The development process is further enhanced by developer application security training and penetration testing of the application.

Vulnerability Assessments

Sounding Board contracts with third-party expert firms to conduct independent internal and external network, system, and application vulnerability assessments.

Application Security

We contract with a leading third-party security firm to perform an application-level security vulnerability assessment of our web application annually in conjunction with our SOC 2 Type II audit. The firm conducts testing procedures to identify standard and advanced web application security vulnerabilities, including, but not limited to, the following:

  • Security weaknesses associated with Flash, Flex, AJAX, and ActionScript
  • Cross-site request forgery (CSRF)
  • Improper input handling (such as cross-site scripting, SQL injection, XML injection, and cross-site flashing)
  • XML and SOAP attacks
  • Weak-session management
  • Data validation flaws and data model constraint inconsistencies
  • Insufficient authentication or authorization
  • HTTP response splitting
  • Misuse of SSL/TLS
  • Use of unsafe HTTP methods
  • Misuse of cryptography

 

Privacy

Sounding Board is deeply committed to protecting the privacy of our customers’ data and helping our customers meet their privacy obligations. With Sounding Board, you gain leading privacy functionality and practices that enable you to meet your privacy obligations.

Additionally, we are transparent about our privacy practices. We also provide our customers with the necessary resources and information to help them understand and validate their organization’s privacy and compliance requirements.

Privacy Principles

As data protection issues and global laws evolve and become increasingly complex, Sounding Board understands the importance of maintaining a comprehensive privacy program embedded in our company’s culture and services.

We’re committed to following three principles that reflect our core values:

  • We put privacy first.
  • We innovate responsibly.
  • We safeguard fairness and trust.

Our philosophy of “privacy by design” is a testament to this and provides our customers with the assurance they need for the privacy and protection of their data. These privacy principles drive how we train our employees, design and build products, and, ultimately, how we process personal data.
Privacy and data protection require year-round vigilance, and we’re strongly committed to protecting the personal data of our customers and employees.

Global Data Privacy

Privacy continues to be front and center on the global stage with the advent of the General Data Protection Regulation, the continued momentum for U.S. privacy legislation, and new laws throughout Asia and Latin America. At Sounding Board, we welcome this renewed attention, as privacy protections have been a fundamental component of our services. We also understand that privacy is a shared responsibility between our customers and us.

Sounding Board and our customers must be prepared to comply with complex global privacy laws and regulations. Sounding Board stays ahead of international privacy regulations by maintaining a comprehensive global data protection program that contains comprehensive technical, administrative, and organizational safeguards. Our customers can rest assured that we are committed to global privacy standards, as shown by our implementation of Binding Corporate Rules for Processors (BCRs) and being the first company to certify the Asia-Pacific Economic Cooperation Privacy Rules for Processors.

EU Data Privacy

The General Data Protection Regulation (GDPR) is the global benchmark for privacy laws. It sets out individual privacy and access rights and establishes the mechanisms for holding businesses accountable for data use. We base our privacy compliance regime on the GDPR because we are a global-facing company and because the standards it sets protect individuals while simultaneously allowing us to deliver the best results for our customers.

Complying with GDPR means that we:

  • Respect data subject rights to access, rectification, portability, and deletion
  • Secure information with an eye toward state of the art in technology
  • Make transparency, accountability, and trust a central component of our operations
  • Practice privacy by design and data minimization

If you want to know more about how we treat data under GDPR, please see our privacy policy, available at https://www.soundingboardinc.com/privacy-policy/.

Cross-Border Data Transfers

Complying with GDPR means ensuring that data is transferred out of the EU in accordance with established principles and procedural/technical safeguards. We rely on the Standard Contractual Clauses to transfer data from the EU and, in rare instances, with direct consent from data subjects. All data that leaves the EU is subject to heightened scrutiny and protection, and our obligations are rigorously enforced as set out in the SCCs.

 

Compliance

Today’s technology leaders are charged with securing and protecting the customer, employee, and intellectual property data of their companies in an environment of increasingly complex security threats. Companies are also responsible for complying with all applicable laws, including those related to data privacy and transmission of personal data, even when a service provider holds and processes a company’s data on its behalf.
Sounding Board maintains a formal and comprehensive security program designed to ensure the security and integrity of customer data, protect against security threats or data breaches, and prevent unauthorized access to our customers’ data. The specifics of our security program are detailed in our third-party security audits and international certifications.

SOC 2

Sounding Board holds both SOC 2 Type I and Type II certifications. Reports are an independent assessment of our control environment performed by a third party and are available by request.
