Gain the trust of your customers with the Vyntelligence highly secure, GDPR compliant, enterprise grade platform meeting global standards for security and integrity

 

GDRP


Vyntelligence is fully compliant to GDPR with its proven technology and organisational security controls for data security, data minimisation, lawfulness, transparency, integrity, confidentiality, protection of extended privacy rights of individuals including notice and consent, and cross border data flow mechanisms.

cyber essentials


Vyntelligence complies with the requirements of the Cyber Essentials Scheme, operated by UK government’s National Cyber Security Centre (NCSC).  Cyber Essentials is an assurance framework and a set of security controls to protect information from threats coming from the internet.

iasme


Vyntelligence complies with IASME Governance standard that demonstrates the level of cyber security indicating good steps to properly protect customer’s information.  The IASME Governance assessment includes a Cyber Essentials assessment and GDPR requirements 

aicpa soc


Vyntelligence Platforms uses AWS infrastructure for providing services in compliance with ISO 27001:2013 and SOC2 (Standard Occupational Classification) for various security and cloud specific controls.

Data Security highlights

Vyntelligence employs many mechanisms to ensure data security and prevention of unauthorised access:

  • Infrastructure segregation: Every customer’s infrastructure is segregated with dedicated high-availability compute, storage and network resources within AWS
  • Data encryption: All Customer data is encrypted at rest and in transit with a unique secret AES-256 bit Customer Key created specifically per Customer and within hardware security modules
  • Key management systems: Secret Customer Key is kept in Amazon’s secure Hardware Security Module (HSM)
  • Secure API: Use secure protocols to connect with customer systems using Transport Layer Security 1.2 for HTTPS
  • Secure web application: Platform uses HTTPS by default
  • Password management: All passwords are encrypted with bcrypt, a strong cryptographic hashing algorithm with built-in randomly generated salts
  • Privileges:  Segregated IAM roles to restrict and control access.  Fine grained access control on channels, allow you to control who sees what
  • Secure Integration: Oauth2 integration with your existing authentication systems
  • Device Data Protection: Data automatically removed from user’s mobile device as soon as it is uploaded
  • Data Backup: Automatic and regular data backups with automatic key rotation
  • Physical Security: Benefit from the physical security measures of AWS data centers.  SOC2 compliant