IT Security
For us, information security and confidentiality are top priorities. Boardeasers are used by banks and listed companies with rigorous security requirements. We have been entrusted with handling classified and business-critical information in our platform – therefore information security is a cornerstone of our work.
Through strict routines and continuous security audits by certified auditors, we ensure that all our customers can safely handle their data with us. The data your organization collects in our platform is encrypted, backed up and is only available to the users you choose to give access. Identification is always required when logging in, with eg. BankID and two-factor authentication.
Eligibility and Confidentiality
Login and Authorization
- Supports BankID in all Nordic countries
- Internal and isolated authorization levels
- Optional two-factor authentication
- Optional USB-key with Yubikey
Confidentiality
- Personal data protection compliant with GDPR
- Boardeaser staff is bound by confidentiality agreements
- All Boardeaser staff members undergo screening
- Boardeaser's physical premises are well-secured on multiple levels
Encryption and backups
Encryption and penetration tests
- All data traffic is encrypted
- All files are encrypted according to industry standards
- Regular, automatic penetration testing
- Manual penetration testing carried out by security consultants.
Backups and traceability
- Automatic back-ups every day
- Possibility for customers to run manual backups
- Extensive activity log
- Traceability in accordance with banking standards
Secure and trusted infrastructure
- All data in Boardeaser is managed and stored within the EU
- We work solely with trusted parties and certified information management systems
Our platform uses two of the world’s largest data infrastructure providers; Amazon Web Services (AWS) and Heroku. The suppliers ensure availability, backup, updates, monitoring 24/7, firewalls, security zones and large parts of our security follow-up.
Certifications
AWS holds certification in accordance with ISO/IEC 27001, 27017, 27018 and 9001. Read more on Amazon’s website.
Heroku holds certification in accordance with ISO 27001, 27017, 27018 and SOC 1, 2 and 3. Read more on Heroku’s website.
Questions?
We are happy to answer questions about our handling of information security and confidentiality. Contact us and we will get back to you as soon as we can.
