We combine enterprise-class security features with comprehensive audits of our application and processes that ensures customer and business data is always protected.
We implement security best-practices. In addition to the security measures provided by Microsoft Azure, such as AICPA SOC 2 and ISO 27001, we also meet not just industry-based compliance standards, but the most stringent requirements, in addition to performing regular penetration tests and security audits.
At Impero, we adhere to the strictest data protecting measures both physically and digitally. Our physical offices are subject to the highest standards of security as well as to periodical inspections. Our cyber security is consistently examined with both internal and external penetration tests performed regularly. Independent, external security experts perform periodic web application security testing. Included is the Open Web Application Security Project’s (OWASP) Testing Project, which produces the premier cyber security testing resource. We are, furthermore, using a geo-redundant backup system, which ensures restoration of data in multiple regions. These measures ensure no loss of data should hostile penetration be attempted.
Impero is hosted and protected by Microsoft Azure using their North and Western Europe data centers. All servers and applications are systematized to automatically apply security patches and rebooting if necessary. Any hostile intrusions are immediately detected and deflected by the firewalls.
An ISAE 3000 statement, issued by the International Federation of Accountants, concerning the relevant processes and IT general computer controls operated by Impero is prepared annually by an external audit partner. Part of the controls performed internally is a review of relevant audit statements covering the Microsoft Azure resources. Among these is the SoC2 report that includes, but is not limited to, the following:
Read on for more information on how we protect your data in our Security White Paper.