Security
Enterprise-ready Platform adhering to Global Standards of Security and Integrity
Gain the trust of your customers with the highly secure, GDPR compliant, enterprise grade Vyntelligence platform meeting global standards for security and integrity.
Vyn is hosted on Amazon’s AWS infrastructure, providing high levels of availability, security, and data protection supported by compliance to a wide range of international infrastructure security standards.
Vyn uses state-of-the-art encryption, operational technology and operational processes to provide high levels of assurance to customers.
Vyn is available in two configurations. Our tenanted platform provides a reliable and secure solution for small and medium sized enterprises to benefit from sharing infrastructure costs, while maintaining high standards of data protection. For larger enterprises with very high data protection requirements, or requiring dedicated reserved processing capacity, a virtual private cloud configuration is available.
Vyntelligence is fully compliant to GDPR with its proven technology and organisational security controls for data security, data minimisation, lawfulness, transparency, integrity, confidentiality, protection of extended privacy rights of individuals including notice and consent, and cross border data flow mechanisms.
Vyntelligence complies with the requirements of the Cyber Essentials Scheme, operated by the UK government’s National Cyber Security Centre (NCSC). Cyber Essentials is an assurance framework and a set of security controls to protect information from threats coming from the internet.
Vyntelligence complies with the IASME Governance standard that demonstrates the level of cyber security indicating good steps to properly protect customers’ information. The IASME Governance assessment includes a Cyber Essentials assessment and GDPR requirements.
The Vyntelligence platform uses AWS infrastructure for providing services in compliance with ISO 27001:2013 and SOC2 (Standard Occupational Classification) for various security and cloud specific controls.
Data Security highlights
Vyntelligence employs many mechanisms to ensure data security and prevention of unauthorised access:
Infrastructure segregation
Choice of either shared or dedicated infrastructure, segregated for each customer with dedicated high-availability compute, storage and network resources within AWS
Data encryption
All customer data is encrypted at rest and in transit using AES-256 with a Customer Key created specifically per customer
Key management systems
Secret customer key is kept in Amazon’s secure Hardware Security Module (HSM)
Secure API
Uses secure protocols to connect with customer systems using hardened Transport Layer Security profiles for HTTPS
Secure web application
Platform uses HTTPS by default, modern coding standards and stack, and is extensively tested and reviewed
Password management
All passwords are encrypted with a strong cryptographic hashing algorithm and randomly generated salts
Privileges
Segregated IAM roles to restrict and control access. Fine-grained access control on channels, allowing you to control who sees what
Secure Integration
Oauth2 integration with your existing authentication systems
Device Data Protection
Data automatically removed from user’s mobile device as soon as it is uploaded
Active Management
Automated and manual monitoring and management of system security and availability by our dedicated security team
Data Backup
Automatic and regular data backups to a secondary region with automatic key rotation
Physical Security
Benefitting from the physical security measures of AWS data centres. SOC2 compliant