Security

EVERYTHING ABOUT OUR SECURITY MEASURES

SECURITY CENTER

From advanced encryption techniques to thorough employee training programs, we go above and beyond to guarantee the security of your work environment.

Glartek Security and Compliance diagram
Protecting Your Data: Our Data Security Measures
ISO 27001 

Glartek is certified by SGS for the ISO 27001 security certification, the international standard for Information Security Management Systems (ISMS). You can access our official certification document here.

GDPR

We respect the EU’s General Data Protection Regulation, which outlines strict protections for consumer data, prioritizing integrity and confidentiality and limiting how organizations can handle data.

SOC 2 Type II

We build our products to be compliant with AICPA’s SOC for Service Organizations Trust Services Criteria (SOC 2).

Ensuring the Safety of Your Information: Our Efforts to Secure Your Data
1 | Platform Access
Authentication

Single Sign-on (SSO), Lightweight Directory Access Protocol (LDAP) and SAML to authenticate users in systems.

Password

Enforce password complexity and expiration.

Roles and Permissions

Configurable user access to data and features.

2 | CustomerData
Encrypted

Industry leading standard protocols to protect data in transit (including TLS 1.2 and 256 AES encryption) and at rest (including FIPS 140-2 compliant encryption standards).

Transfer

Data transfers within or between countries/regions respect the EU, Swiss, UK and CCPA legislations.

Auditable

All user and device actions and Data changes are logged for audit purposes.

3 | Availability
Uptime

Redundant hosting partners providing 99.9% uptime SLAs.

Hardened Virtual Private Cloud

Servers in separated infrastructure to prevent unauthorized access to/from our IT network.

Backups

All customer Data is backed up off-site at least on a daily basis.

We are engaged in Cyber Security continuous improvement.
1 | Our Company
CISO

We have appointed an experienced CISO full-time employee.

Risk Assessments

We regularly perform Processes, Policies and Procedures (3P) and Privacy Impact self-assessments.

Security Assessments

We work with partners for independent company and product assessments, such as black-box penetration testing.

2 | Our Employees
Training

All employees undergo software development life-cycle security and awareness training annually.

Confidentially

All employee and partner contracts include confidentiality clauses.

Data access

All access to customer data is registered, logged and reported to the customer.

Contact Us

For further information, please contact Glartek’s security team by email at [email protected].