Security

Enterprise-ready Platform adhering to Global Standards of Security and Integrity

Gain the trust of your customers with the highly secure, GDPR compliant, enterprise grade Vyntelligence platform meeting global standards for security and integrity.

Vyn is hosted on Amazon’s AWS infrastructure, providing high levels of availability, security, and data protection supported by compliance to a wide range of international infrastructure security standards.

Vyn uses state-of-the-art encryption, operational technology and operational processes to provide high levels of assurance to customers.

Vyn is available in two configurations. Our tenanted platform provides a reliable and secure solution for small and medium sized enterprises to benefit from sharing infrastructure costs, while maintaining high standards of data protection. For larger enterprises with very high data protection requirements, or requiring dedicated reserved processing capacity, a virtual private cloud configuration is available.

Vyntelligence is fully compliant to GDPR with its proven technology and organisational security controls for data security, data minimisation, lawfulness, transparency, integrity, confidentiality, protection of extended privacy rights of individuals including notice and consent, and cross border data flow mechanisms.

Vyntelligence complies with the requirements of the Cyber Essentials Scheme, operated by the UK government’s National Cyber Security Centre (NCSC). Cyber Essentials is an assurance framework and a set of security controls to protect information from threats coming from the internet.

Vyntelligence complies with the IASME Governance standard that demonstrates the level of cyber security indicating good steps to properly protect customers’ information. The IASME Governance assessment includes a Cyber Essentials assessment and GDPR requirements.

The Vyntelligence platform uses AWS infrastructure for providing services in compliance with ISO 27001:2013 and SOC2 (Standard Occupational Classification) for various security and cloud specific controls.


Data Security highlights

Vyntelligence employs many mechanisms to ensure data security and prevention of unauthorised access:

Infrastructure segregation

Choice of either shared or dedicated infrastructure, segregated for each customer with dedicated high-availability compute, storage and network resources within AWS

Data encryption

All customer data is encrypted at rest and in transit using AES-256 with a Customer Key created specifically per customer

Key management systems

Secret customer key is kept in Amazon’s secure Hardware Security Module (HSM)

Secure API

Uses secure protocols to connect with customer systems using hardened Transport Layer Security profiles for HTTPS

Secure web application

Platform uses HTTPS by default, modern coding standards and stack, and is extensively tested and reviewed

Password management

All passwords are encrypted with a strong cryptographic hashing algorithm and randomly generated salts

Privileges

Segregated IAM roles to restrict and control access. Fine-grained access control on channels, allowing you to control who sees what

Secure Integration

Oauth2 integration with your existing authentication systems

Device Data Protection

Data automatically removed from user’s mobile device as soon as it is uploaded

Active Management

Automated and manual monitoring and management of system security and availability by our dedicated security team

Data Backup

Automatic and regular data backups to a secondary region with automatic key rotation

Physical Security

Benefitting from the physical security measures of AWS data centres. SOC2 compliant

Empower Your Workforce with Digital Eyes and Ears