Security

We provide a critical part of our customer’s IT infrastructure. We work continuously to improve the security of our infrastructure.

Audited by independent professionals

Connectis regularly executes penetration-tests on (the infrastructure provided by) Connectis. Connectis also partcipates in different audits. Tests have been executed by Madison Gurkha, Fox-IT, KPMG, Ernst & Young, Insite Security, Sogeti (Security TAK), Ordina Security & Risk Management and Deloitte Risk Services BV.

Certified for Information Security

Connectis has an ISO 27001:2013 certificate for information security with a dedicated scope “Hosting, maintaining, supporting and developing Identity Services required for the authentication, authorization and identification of internet users”.

Connectis requires a certificate of conduct for all employees and a background check will be executed.

Cooperation with the Secure Software Foundation

In cooperation with iComply and the Secure Software Foundation, Connectis participates in the development of new Secure Software Development norms.

Applicating these norms during development strongly increases awareness on vulnerabilities among our engineers [please provide translation.

Networks are scanned on a daily basis

Connectis uses state-of-the-art software to secure and defend our infrastructure. One of the measures that we take is scanning our infrastructure the way it is visible from the internet (“external scan”). Scans on our internal services are provided on a weekly basis. These are examples of measurements to provide Connectis for being vunerable for familiar safety leaks.

Responsible Disclosure Policy

We do all we can to keep our systems secure. We are well aware that security is a continuous process, and new threats or weaknesses may appear at any time. It’s possible that you’ll spot a weakness we’ve missed. If you do, please let us know, so that we can do something about it quickly.