start portlet menu bar end portlet menu bar

"HCLSoftware prioritizes Trust, Security and Privacy across our entire product suite. We ensure leading edge security best practices are a core part of all stages of our software development lifecycle before any product is released to market. This includes comprehensive security scanning techniques, robust penetration testing and threat modelling at all levels of the application and infrastructure stack. We use our own products in addition to leveraging a diverse set of third-party researchers and tools, to test comprehensive capability across all levels. Following application introduction, we continue to constantly assess its risk profile and immediately initiate any additional remediation measures, if necessary.

The resources you see below proudly demonstrate HCLSoftware’s commitment to the Trust, Security and Privacy of our products."

- Mary Zygadlo , Information Security Officer at HCLSoftware

Our Approach

Software security is critically important to HCL and our valued clients. The HCL security strategy covers all aspects of our business, including corporate and organizational security policies, incident management and response, business continuity and disaster recovery, secure software development processes, and privacy.

Security

Learn more about the policies and checkpoints that govern our development lifecycle.

HCLSOFTWARE PSIRT ->
HCLSOFTWARE TOMS ​->
HCLSOFTWARE SECURITY COLLATERAL ->
HCLSOFTWARE SECURITY CERTIFICATIONS ->
INFORMATION SECURITY POLICY ->
STATEMENT OF APPLICABILITY ->


Privacy and Data Protection

We care about your privacy and we work hard to ensure that any Personal Data we process is secured and treated the right way.

PRIVACY STATEMENT ->
CUSTOMER DATA PRIVACY AT HCLSOFTWARE ->
DATA PROCESSING AND DATA TRANSFERS ->
DATA TRANSFER AMENDMENT TO UPDATE SCCs ->


highly secure controlled location

Secure Product Development

HCLSoftware adheres to stringent development processes to produce the code we develop and provide both our commercial and government customers. The development models (standard release or continuous delivery) covers the full development cycle including key practices around …
  • Requirements Management
  • All aspects of Architecture and Design
  • Secure Engineering Practices
    • Risk Management
    • Threat modelling
    • Code scanning
  • Coding and Coding standards
  • Review and test methods at all stages
  • Defect Management
All Development practices incorporate change control and are the key criteria assessed at release approval stage



HCL Secure Product Support

Secure Product Support

Our Product Support teams protect our customer data and information by collecting only vital information, limiting access to customer contact information and case data to only those who are actively working to troubleshoot the reported problem, and encrypting customer sensitive information making it unreadable to anyone other than the intended party. Our data protection policy includes:

  • Collecting only vital company and contact information.
  • Communicating customer information and data via HTTPS and Transport Layer Security (TLS) protocols.
  • Sending diagnostic data via SFTP or HTTPS using TLS protocols and encrypting stored data using the AES algorithm.



Explore Security Solutions for Your Business

Endpoint Management Platform
HCL BigFix is the only endpoint management platform that enables IT Operations and Security teams to fully automate discovery, management and remediation – whether its on-premise, virtual, or cloud – regardless of operating system, location or connectivity.


EXPLORE

Application Security Testing
HCL AppScan delivers best-in-class application security testing tools to ensure your business, and your customers, are not vulnerable to attacks.


EXPLORE

Get in Touch

Our valued clients can rest assured that we keep security foremost in our minds as we develop, test and deliver effective software solutions. For more information contact us or explore our product portfolio.

CONTACT US    EXPLORE PRODUCTS