Unparalleled Security and Trust with Varicent
Protecting your data is our priority. We adopt an iron-clad, enterprise-wide security program, adhering to industry-leading practices and frameworks to keep our customers safe.
We Are Committed to Protecting Your Data
Varicent is the industry leader in delivering Sales Performance Management (SPM) solutions, enabling businesses worldwide to Plan, Operate and Pay effectively to drive sales performance and growth.
We are committed to providing the highest level of security to our customers' data. Security and privacy are built into the foundation of our products and solutions and are fully backed and supported by an enterprise-wide security program that adheres to industry-leading practices and frameworks such as ISO 27001/2 and the NIST Cyber Security Framework (CSF).
Elite Defense-in-Depth Security Strategy
We adopt a Defense-in-Depth (DiD) strategy that utilizes multiple layers of security for holistic protection while continuously monitoring our assets across the technology stack. Varicent's reliable, world-class defense-in-depth architecture protects the confidentiality, integrity, and availability of your data. We leave nothing up to chance.
- Enterprise Information Security Policy
- Infrastructure Hardening Procedures
- Third Party Risk Management
- Compliance Procedures
- Regular Security Awareness Training
- Phishing Campaigns
- Security Newsletters
- Hosted in top-tier data centres adhering to internationally recognized security standards and frameworks
- Intrusion Detection and Prevention
- Traffic Control
- Virtual Network Degregation and NAT
- Encryption In-Transit
- Logging and Monitoring
- Data Loss Prevention (DLP)
- Hardening in accordance with industry standards
- Infrastructure Vulnerability Management
- Anti-virus & EDR
- OS Patching
- Logging and Monitoring
- Secure Authentication and Authorization
- Secure Code Development and QA
- SAST and DAST Code Scanning
- Web Application Firewall (WAF)
- Logging and Monitoring
- Encryption at Rest
- Backup and Recovery
- Secure Integration Solutions with Third-Party Systems
Varicent's Enterprise Security Program
Key components of Varicent’s enterprise security program includes but not limited to the following:
- Regularly updated Information security policy and standards.
- Secure authentication and authorization mechanisms for all systems.
- Appropriate segregation of duties and principle of least privilege access.
- NIST-approved cryptographic algorithms.
- Infrastructure and application vulnerability management.
- Security logging, monitoring, and alerting.
- Robust change management program.
- Formal Security incident response program.
- Robust application security encompassing secure coding practices, Static Application Security Testing (SAST), and Dynamic Application Security Testing (DAST).
- Third-party infrastructure and web application penetration testing.
- Security awareness and training.
- Solutions hosted in secure top-tier data centres.
- Data Loss Prevention (DLP) technology.
- Protection against application attacks using leading Web Application Firewall (WAF) technology.
Compliance & Certifications
Varicent has a comprehensive third-party compliance program that includes annual certification and attestation where we evaluate our products, infrastructure, and policies, against stringent security requirements and leading industry frameworks.

Privacy Regulations
Varicent is a ‘Data Processor’ and aligns its practices to a variety of privacy regulations. We are committed to assisting customers in achieving and maintaining compliance against applicable privacy laws such as General Data Protection Regulation (GDPR), and California Consumer Privacy Act (CCPA).
Ready to get started?
Get a custom product demo from one of our SPM experts today. See how Varicent can elevate your sales performance management and drive growth.