What are Envisso's key data security measures?
What are Envisso's key data security measures?
- Industry-leading standards — Envisso is ISO 27001 certified, adhering to the highest international standards for information security management.
- Robust encryption — All data, both in transit and at rest within our systems, is encrypted using industry-standard encryption methods. Specifically, we use Advanced Encryption Standard (AES) encryption with key lengths exceeding 128 bits for robust data protection.
- Comprehensive security programme — We maintain a robust data security programme encompassing:
- Vendor management — A comprehensive vendor management programme to assess and mitigate risks in line with the highest industry requirements.
- Business continuity and disaster recovery — A robust BCP/DR plan with defined RTOs (Recovery Time Objectives) and RPOs (Recovery Point Objectives) is in place and regularly tested through annual drills. The plan includes provisions for cyber threats like malware and data breaches.
What are Envisso's information and network security measures?
What are Envisso's information and network security measures?
- Secure infrastructure — We operate in a secure cloud environment with robust security measures in place.
- Strong authentication — Multi-factor authentication is enforced for access to high-risk systems.
- Data integrity — All electronic media is securely destroyed, and logs are meticulously maintained for auditing and compliance (retained for a period that meets legal and regulatory requirements).
- Proactive threat detection — We use a robust intrusion detection system to continuously monitor and review host and network activity for potential threats.
- Vulnerability management — Regular vulnerability assessments and penetration testing are performed to identify and address potential security weaknesses.
- Secure change management — A rigorous change management process that includes:
- Patch management procedures
- Code reviews with segregation of duties
- Separate test and production environments
- Secure configuration management
How does Envisso ensure compliance and ethical conduct?
How does Envisso ensure compliance and ethical conduct?
- Regulatory compliance — We maintain a regulatory compliance programme and liaise with local partners to ensure adherence with applicable laws and regulations.
- Ethical guidelines — We have established key compliance policies and logs including:
- Anti-bribery and anti-corruption policy
- Gift and entertainment policy
- Ethical reporting — a clear process is in place for employees and stakeholders to report ethical concerns or conflicts of interest.
What is Envisso's commitment to data security?
What is Envisso's commitment to data security?
Envisso is committed to the highest levels of data security and privacy. We work with global insurance and payments companies, and our systems meet the most stringent data security requirements in the industry. We continually invest in enhancing our security posture to safeguard client data and maintain the highest level of trust.