We provide a critical part of our customer’s IT infrastructure. We work continuously to improve the security of our infrastructure.

Audited by independent professionals

Customers of Connectis are encouraged to execute independent audits or penetration tests on (the infrastructure provided by) Connectis. Tests have been executed by Madison Gurkha, Fox-IT, KPMG, Ernst & Young, Insite Security, Sogeti (Security TAK), Ordina Security & Risk Management and Deloitte Risk Services BV.

Certified for Information Security

Connectis has an ISO 27001 certificate for information security with a dedicated scope “Hosting, maintaining, supporting and developing Identity Services required for the authentication, authorization and identification of internet users”. Our suppliers are also required to have an ISO 27001 certificate.

Connectis requires a certificate of conduct for all employees and a background check will be executed.

Guaranteed by independent foundation

The continuity of our services is guaranteed by an independent foundation. In case of a disaster, this foundation will continue all operations without downtime and fully independent from Connectis. The customer may also obtain the source code of all systems under an escrow agreement; the intellectual property of all systems belongs to Connectis.

Cooperation with the Secure Software Foundation

In cooperation with iComply and the Secure Software Foundation, Connectis participates in the development of new Secure Software Development norms.

Applicating these norms during development strongly increases awareness on vulnerabilities among our engineers [please provide translation.

Networks are scanned on a daily basis

Connectis uses state-of-the-art software to secure and defend our infrastructure. Among other things, our network is scanned for security vulnerabilities on a daily basis.

Responsible Disclosure Policy

We do all we can to keep our systems secure. We are well aware that security is a continuous process, and new threats or weaknesses may appear at any time. It’s possible that you’ll spot a weakness we’ve missed. If you do, please let us know, so that we can do something about it quickly.