We provide a critical part of our customer’s IT infrastructure. We work continuously to improve the security of our infrastructure.
Audited by independent professionals
Customers of Connectis are encouraged to execute independent audits or penetration tests on (the infrastructure provided by) Connectis. Tests have been executed by Madison Gurkha, Fox-IT, KPMG, Ernst & Young, Insite Security, Sogeti (Security TAK), Ordina Security & Risk Management and Deloitte Risk Services BV.
Certified for Information Security
Connectis has an ISO 27001 certificate for information security with a dedicated scope “Hosting, maintaining, supporting and developing Identity Services required for the authentication, authorization and identification of internet users”. Our suppliers are also required to have an ISO 27001 certificate.
Connectis requires a certificate of conduct for all employees and a background check will be executed.
Guaranteed by independent foundation
The continuity of our services is guaranteed by an independent foundation. In case of a disaster, this foundation will continue all operations without downtime and fully independent from Connectis. The customer may also obtain the source code of all systems under an escrow agreement; the intellectual property of all systems belongs to Connectis.
Cooperation with the Secure Software Foundation
In cooperation with iComply and the Secure Software Foundation, Connectis participates in the development of new Secure Software Development norms.
Applicating these norms during development strongly increases awareness on vulnerabilities among our engineers [please provide translation.
Networks are scanned on a daily basis
Connectis uses state-of-the-art software to secure and defend our infrastructure. Among other things, our network is scanned for security vulnerabilities on a daily basis.
Responsible Disclosure Policy
We do all we can to keep our systems secure. We are well aware that security is a continuous process, and new threats or weaknesses may appear at any time. It’s possible that you’ll spot a weakness we’ve missed. If you do, please let us know, so that we can do something about it quickly.