Infrastructure ans security

Resilient infrastructure and data under high surveillance

High-availability, ISO 27001-certified infrastructure

High-availability, scalable infrastructure with a multi-site design for services and redundancy for all system components powering the application.

  • OVH Private Cloud ISO 2700 Infrastructure. Hosted in France by France’s largest hosting services operator
  • High-availability scalable infrastructure with VMWare = > No Single Point of Failure
  • 24/7 infrastructure monitoring (Vsphere, Centreon, Datadog) by Claranet, Europe’s leading managed services provider, ISO 27001-certified

Cloud security by design

Security is an integral part of the stucture of our products. We apply a number of controls to protect your data to ensure the highest level of security.

  • Transfers within the infrastucture via an encrypted VPN
  • Anti-DDoS, NSX firewall, NAT and firewall rules
  • Throttling and auto-ban systems
  • Encrypted backup system via OVH Veeam Server
  • GPG encryption-at-rest
  • Annual audits
  • Anti-virus protection

Enhanced software security

Secure connection and data exchange between the client and its servers.

  • Encrypted traffic signed by a trusted third party (SSL certificate with RS SHA-256 key)
  • TLS 1.2 & 1.3 only
  • Strong authentication – SSO connection via SAML2 protocol
  • APIs secured by Gravitee API Manager
  • OWASP-compliant
  • Annual security audit carried out by a specialist cybersecurity firm.

Our security in details

Security of our infrastructure

  • Transfers within the infrastucture via an encrypted VPN
  • Anti-DDoS, NSX firewall, NAT and firewall rules
  • Throttling and auto-ban systems
  • Encrypted backup system via OVH Veeam Server
  • GPG encryption-at-rest
  • Anti-virus protection

Security of our software

  • Encrypted traffic signed by a trusted third party (SSL certificate with RS SHA-256 key)
  • TLS 1.2 & 1.3 only
  • Strong authentication - SSO connection via SAML2 protocol
  • APIs secured by Gravitee API Manager
  • OWASP-compliant
  • Annual security audit