We strive to follow industry best practices when it comes to security and compliance using frameworks and guidelines such as OWASP, NIST, CIS, and CSA.
Data protection: Your data is protected in rest by AES256 encryption and in transfer using TLS 1.2
Our SOC, security operations center, is staffed 24/7 and is a centralized unit that deals with security issues on an organizational and technical level. Tasks include but not limited to: Weekly Vulnerability scans, Log analysis, anomaly detection, pattern deviation, threat hunting, firewall rule monitoring, deviation in port openings, and impossible logins.
Security penetrations tests are performed at least annually by a third party.
Continuous improvements are carried out by conduction security architecture review, threat intelligence & threat monitoring.
Security Awareness training - Mandatory yearly training for all users and additional specific training for operations, support and security staff
Crisis Management and Incident Management Training for staff are done with both tabletop exercises and different types of gamification.