Security at Mevisio

Your data is safe with us

Mevisio uses industry standards and best practices for data management and security.

Secure software

Mevisio is designed to be secure from the ground up, having security top of mind in our product development.

ISO 27001

Our information security management system is certified compliant to the international standard.

Security first

We prioritize security in all design decisions and supplier selections, and are committed to deliver our customers a secure and reliable service.

The Mevisio platform is hosted on AWS, Amazon Web Services. AWS is architected to be the most secure cloud computing environment available today. Their core infrastructure is built to satisfy the security requirements for the military, global banks, and other high-sensitivity organizations. This is backed by a broad set of cloud security tools, with security, compliance, and governance services and features. AWS supports many security standards and compliance certifications.

Encryption

All communication between client and server is encrypted with industry standard methods, for example TLS with SHA-256/RSA. Your data is never transmitted in an unencrypted state which prevents unauthorized parties from reading data during transmission.

All data is encrypted with AES-256 when persistently stored in our databases or file storage. This makes the data unreadable for an attacker with access to the physical servers. Passwords are hashed with bcrypt and never stored in plain text following industry standard best practices.

Information Security Management

Compliance

Our information security management system is certified compliant with the international standard ISO 27001.

External Assessment

The platform has been externally assessed by a leading cyber security firm and put through penetration test and source code analysis.

Monitoring

Server systems are continuously monitored for availability, potential intrusion and malfunction alerts.

Backup

Data is automatically backed up several times a day to multiple regions to prevent unintended loss of data.

Audit trail

All activities in the platform are logged to the audit trail, enabling us to trace historic events related to data manipulation etc.

Incident Management

All security related incidents are handled with top priority following our internal procedures.