Neocase Software has built an ISO 27001:2013 certified ISMS (Information Security Management System)
Neocase Software complies with existing data privacy laws related to its business and especially the European GDPR.
Our Clients’ platforms are segregated
- Environments segregation
Each client has its own applicative instances and databases. Thus, clients access to their own data only.
- Regional segregation
No data transfer between US hosted platforms and European ones.
- Network Filtering is implemented to restrict access to only explicitly allowed ports and protocols, both from external networks and between internal systems.
Any communication channel involved to deliver the hosted services is encrypted using up-to-date protocols and ciphers suites:
- TLS based encryption for external communications to and from the service (HTTPS, SFTP, SMTP/TLS, POPS).
- Databases are encrypted at rest using SQL Server Transparent Data Encryption with AES 256.
Neocase Software orders, at least annually, a full penetration test of its hosted services and performs regular vulnerability assessments
All critical functions are redundant and the solution’s architecture is designed to maximize the availability. Thus, Neocase Software can guarantee 99.5% availability.
All the databases backups are stored on a Geo-Redundant Storage to offer a remote availability on the alternate datacenter.
Neocase Software systems are under continuous monitoring.
Any event is reported immediately, assessed and managed in accordance to its severity.