Information security
For us, information security and confidentiality are top priorities. Boardeasers are used by banks and listed companies with rigorous security requirements. We have been entrusted with handling classified and business-critical information in our platform – therefore information security is a cornerstone of our work.
Through strict routines and continuous security audits by certified auditors, we ensure that all our customers can safely handle their data with us. The data your organization collects in our platform is encrypted, backed up and is only available to the users you choose to give access. Identification is always required when logging in, with eg. BankID and two-factor authentication.
Login and authorization
- Login security with BankID in Nordic countries
- Internal and isolated authorization levels
- Optional two-factor authentication
- Optional USB-key with Yubikey
Information security and confidentiality
- Personal data protection compliant with GDPR
- All Boardeaser staff members are bound by confidentiality agreements
- All Boardeaser staff members undergo screening
- Boardeaser's physical premises are well-secured on multiple levels
Encryption and backups
Encryption and penetration testing
- All data traffic is encrypted
- All files are encrypted according to industry standards
- Regular, automatic penetration testing
- Manual penetration testing carried out by security consultants.
Backups and traceability
- Automatic back-ups every day
- Possibility for customers to run manual backups
- Extensive activity log
- Traceability in accordance with banking standards
GDPR - Compliance
Boardeaser handles your and your organization’s data in accordance with GDPR. You can, among other things, delete your personal data and a data processing agreement is included in our terms of service that you have foundar here.
Secure and trusted infrastructure
- All data in Boardeaser is managed and stored within the EU
- We only work with trusted parties and certified information management systems
Our platform uses two of the world’s largest data infrastructure providers; Amazon Web Services (AWS) and Heroku. The suppliers ensure availability, backup, updates, monitoring 24/7, firewalls, security zones and large parts of our security follow-up.
Certifications
AWS holds certification in accordance with ISO/IEC 27001, 27017, 27018 and 9001. Read more on Amazon’s website.
Heroku holds certification in accordance with ISO 27001, 27017, 27018 and SOC 1, 2 and 3. Read more on Heroku’s website.
Find out more?
We are happy to answer questions about our handling of information security and confidentiality. Contact us and we will get back to you as soon as we can.
