You can proactively communicate your security posture and related documentation with your organization's current and prospective customers with a Trust Page in UpGuard.
You’ll spend less time filling out security questionnaires and fielding requests for security policies and compliance documentation. As a result, your business partners will have clear insight to your security posture, and you can streamline review processes by proactively sharing relevant, up-to-date materials.
Completing your Trust Page allows you to build trust with your business partners and shows that your organization is taking cybersecurity seriously.
What can you share on your Trust Page?
You can communicate the following information on your Trust Page:
Security ratings: Security ratings are an evaluation of the external security posture of your publicly accessible assets. Including your security rating highlights your security posture.
Security contact: Share contact information for your security representative, such as your Chief Information Security Officer (CISO) or Chief Technology Officer (CTO).
Company description: Provide a short description to help users understand the service your company provides.
Security questionnaires: Save completed security questionnaires to your Trust Page, which can reduce assessment time for your business partners.
Supporting documentation: You can also provide other documentation, such as compliance certifications (for example: PCI DSS, SOC 2, ISO 27001) and business-specific materials. Providing this information through your Trust Page in UpGuard ensures that your partners have the materials necessary to move forward with you.
Trust and security pages: Add links to other related pages, such as your privacy policy or sub-processors page.
You can invite anyone to view your Trust Page, including current UpGuard users and prospective business partners who are not yet UpGuard users.
Editing and publishing your Trust Page
To add information to, edit or publish your Trust Page, navigate to Trust Exchange > Trust Page.
Note: If you cannot see Trust Page in the navigation, you may not have the required user permissions. Contact your organization's admin user to change these permissions.
UpGuard provides a short process for adding to your Trust Page, which you can follow with our guide on How to publish your Trust Page. You can add previously completed questionnaires, compliance certifications, and business-specific materials like public trust and security pages.
Access and NDA protection
Once you have published your Trust Page, you can use the access protection feature to ensure that your information stays as private as you need, while still sharing it with anyone you specify. In this example Trust Page, access protection is on so users need to log in and request access before viewing any documents:
You can also enable non-disclosure agreement (NDA) protection to ensure optimal privacy according to your business needs.
How to invite third-parties to view your Trust Page
Once your Trust Page is published, you can invite anyone to view it even if they aren’t an UpGuard user. To share it, select Share in the top right corner of your screen.
This will bring up a modal that allows you to add the email addresses of the people you want to invite to view your Trust Page. Enter the email(s) then click Send invites.
If you accidentally invite the wrong person, want to revoke the invitation, or want to see who has been granted access to your Trust Page, click on the Access tab. You can revoke an invite by clicking the bin icon and you can revoke previously granted access by clicking Revoke access.
How to view the access log of your Trust Page
You can view who has viewed your Trust Page by clicking on the Access log tab. The details we provide to you are their full name, email address, and the timestamp of when they viewed your page.
How to invite colleagues to view or manage your Trust Page
You can also invite colleagues to view or manage your Trust Page via Settings > Users > Trust Page.