Security by design
regular activities in order to minimize risks of data breach.
Secure Code Practice
Security by design approach is how we build solutions. Part of the internal processes for engineering teams and architectural/implementation considerations are defined in our secure coding practice checklists. These checklists cover the following areas:
- Input validation
- Output encoding
- Auth & password management
- Cryptographic practices
- Session management
- Access control
- Error handling and logging
- Data protection
- Communication security
- System & infrastructure configuration
- Database security
- File management
- Memory management
Our Data Protection Officer ensures compliance with GDPR across the organization, while our Security Manager ensures we adhere to ISO27001 and SOC2
- We perform regular, infrastructure-wide security audits internally.
- Annual external audits are performed.
- All data communication to remote locations is secured through VPN tunnels.
- Any processed data is stored on Azure/AWS based infrastructure, within the required jurisdictions.
- Personal data is encrypted at transit and rest, including backups. In case any personal data needs to be stored/transferred outside of EU, we pseudonymize it.
- PaloAlto firewalls in all service delivery locations. Office access management and CCTV.
- 2FA for accessing specific internal systems.
- Secure password sharing using Keeper Security.
- Continual internal security awareness sessions.
San Francisco, CA 94105, USA
+44 203 642 2163