Security and privacy are built into our software, infrastructure and processes. We combine organisational and technical security measures with comprehensive audits in order to maintain highest security standards.
Official ISO 27001 certification & maintenance of an ISMS
Full GDPR compliance and close collaboration with data protection officer
Security by design, logical separation & encryption of all customer data
ISO 27001 is an international standard for information security management (ISMS), which serves as a framework for corporate information risk management processes. We are ISO 27001:2013 certified since 2022 and operate a company-wide ISMS together with our Chief Information Security Officer.
Together with our Data Protection Officer (DPO), we have developed and implemented comprehensive processes, advanced security measures and ongoing trainings for our employees. Data protection is already ensured at development stage using state of the art technical and organisational measures.
evenito uses modern and secure frameworks with security controls to limit exposure to OWASP's top 10 security vulnerabilities. Those embedded controls mitigate our exposure to SQL injection (SQLi), Cross Site Scripting (XSS), Cross Site Request Forgery (CSRF) and more.
Our infrastructure is hosted on a leading cloud provider which is completely located in Switzerland. Numerous security concepts have been implemented for these data centres. In addition, the cloud provider meets strict data protection and compliance standards (ISO 27001, 27017, 27018) and works with numerous FINMA-regulated companies.
All rules and guidelines created within the framework of the ISMS are made available to the entire staff. In addition, regular awareness trainings take place to train the behaviour in case of security events. evenito adheres to the principle of role-based access with the lowest privileges in order to minimise risks.
Get access to our security center and our resources documenting our commitment to information security.
