Asset 1-1-1

Protect Your Company’s Most Sensitive Information.

Choose the Highest Security with Digitaliq.

 

Contents

1. Security

- Data Storage 

- Database

- Two-Factor Authentication 

- SSO

- Measures Against Data Breaches 

- Backup, Rolling-Release, and Maintenance 

- API

2. Personvern

- Encryption

- Certification

- Improvements?

 

 

 
ISO LOGO

ISO/IEC 27001:2022
To ensure that we follow best practices for information security, we have implemented the ISO/IEC 27001:2022 management system.

 

 
           ISO 27001 servers
           Data securely hosted by Digital Garden AS (old name: Syse AS)

miljofyrtarn-norsk-farger  
           Miljøvennlig web- og server hosting
           100% Renewable energy

Grade A - Portal.mittvarsel.no  
           Security Headers
           Grade A. Click here for the report
         

 

A + - SSL repport  
           SSL Labs
           Grade A+. Click here for the report

     

100 % - Hardenize  
           Hardenize
           Web Security Overview. Click here for the report

     

 

 

security
Security

We deliver secure solutions.

Security is at the heart of everything we do.
We’ve created this page to give you a glimpse of some of the elements that make our solutions secure.

 

security
Security

 


Data Storage

Digiplex at Ulven in Oslo is the country’s leader in secure, vendor-neutral hosting. They offer world-class facilities with very high security, climate control, and redundancy in both telecommunications and power.

 

Physical Security at the Data Center

  • Access systems and advanced surveillance systems
  • 360-degree high-security fence with physical access control
  • Security managed from a purpose-built bunker staffed 24/7
  • Data stored on servers at a facility certified according to: ISO 9001:2015, ISO 27001:2013, ISO 14001:2015, and OSHAS 18001:2007. For a full overview, click here: https://www.syse.no/hosting#section-hosting-driftsmiljo

Database

The database is built on open-source technologies MySQL and MongoDB. The encrypted database is mirrored to three separate locations to maintain redundancy.

Two-Factor Authentication

All users of the solution can activate two-factor authentication via SMS, ensuring that unauthorized individuals cannot access their accounts. 2FA is free and included in all setups.

SSO

Single Sign-On (SSO) is a feature that allows users to log into multiple applications and services with a single set of credentials (such as username and password). This means less hassle remembering different passwords for various services and reduces the risk of password reuse, a common security challenge.

In our portals, such as TransparencyGate and Mittvarsel, we have integrated SSO to enhance security and simplify user experience. By using trusted providers like Microsoft, Google, and LinkedIn, we ensure that access management is both secure and efficient. Users don’t need to remember and manage multiple passwords, reducing the likelihood of security breaches.

By enabling SSO at the portal level, we ensure that all users within an organization benefit from this security advantage without needing individual activation. This contributes to a more comprehensive security strategy and a user-friendly access process for everyone.

Measures Against Data Breaches

We take expected measures to secure against data breaches:

  • Software maintenance
  • Updating to the latest versions
  • Encryption, obfuscation of sensitive information, and auto-generating passwords ensure that any data that might be leaked is of little use and only shows high-level information.

Backup, Rolling-Release, and Maintenance

Backup is performed at least hourly. Encrypted backups are stored in three separate locations. New functionality, system maintenance, and updates follow the rolling-release model. This means no downtime for systems when launching new features, changes, or updates. Changes are tracked in version control, and rollback is facilitated if needed.

API

We have an internal API for integration with third-party systems, such as archive systems. Our API is flexible and can securely retrieve and transmit the necessary information.

 

 

Data, policy, privacy, security icon - Download on Iconfinder
Privacy

 


Privacy at Digitaliq

Protecting sensitive personal data is one of the most important things we facilitate in our solutions. All data is stored securely and in compliance with GDPR, and we encourage everyone to take IT security seriously. Read more about privacy here.

 

Encryption

All end-to-end communication is encrypted with industry-standard 256-bit SSL connection. Certificates are issued annually by Let’s Encrypt/Verisign.

Sensitive personal information is stored in our cloud solution and encrypted with AES-256.

 

ISO/IEC 27001:2022 Certification

Digitaliq AS is ISO/IEC 27001:2022 certified.

This means that our customers can have full confidence that their data is handled with the highest security and confidentiality. In a time when digital security is more important than ever, we want to assure our customers that we are committed to continuous improvement and compliance with international security standards.

ISO/IEC 27001:2022 is an internationally recognized standard for information security management systems (ISMS). It sets guidelines and requirements for how organizations should manage and protect their information resources. The main elements of this standard include:

  • Risk Management: Organizations must systematically identify, assess, and treat information security risks.
  • Security Controls: Implementing appropriate security measures to protect information from various threats. This can include technological solutions, procedures, policies, and employee training.
  • Management Commitment: Management must show active support and commitment to the ISMS, including adequate resource allocation and establishing a security culture.
  • Continuous Improvement: The standard requires organizations to continually monitor, review, and improve their ISMS to ensure it remains effective and relevant.
  • Internal and External Audits: Regular audits to ensure compliance with the standard and identify areas for improvement.

Improvements?

We always aim to improve and greatly appreciate feedback on how we can make our services more secure. Is something not working as expected or difficult to understand? Let us know through the contact form!

Contact us

Contact us

Do you want to talk with one of us at Digitaliq?

Feel free to contact us for a non-binding conversation! We always respond quickly. You can also call us if you want to talk right now.

 

Severin Eikrem crop circle

– «I take great pleasure in delivering smart solutions to satisifed customers»

Severin Eikrem
Business Developer
(+47) 462 98 666
severin@digitaliq.no