Skip to content

Security is in our DNA

We combine enterprise-class security features with comprehensive audits of our application and processes that ensures customer and business data is always protected

Data protection

We use the highest recommended standard of algorithms for encrypting your data, and both data-at-rest and data-in-transit are protected by default

Identity and device management

Ensure only the right people and approved devices can access company information in Impero by implementing features like two-factor authentication or single sign-on

Application security

We take active steps to securely develop and test against security threats to ensure the safety of our customer data, among which are third-party security partners performing detailed penetration tests

Availability and business continuity

We maintain a disaster recovery program to ensure services remain available or are easily recoverable in the case of a disaster. We employ service clustering and network redundancies to eliminate single points of failure

We implement security best-practices. In addition to the security measures provided by Microsoft Azure, such as AICPA SOC 2 and ISO 27001, we also meet not just industry-based compliance standards, but the most stringent requirements, in addition to performing regular penetration tests and security audits. 

Security and data integrity in brief

At Impero, we adhere to the strictest data protecting measures both physically and digitally. Our physical offices are subject to the highest standards of security as well as to periodical inspections. Our cyber security is consistently examined with both internal and external penetration tests performed regularly. Independent, external security experts perform periodic web application security testing. Included is the Open Web Application Security Project’s (OWASP) Testing Project, which produces the premier cyber security testing resource. We are, furthermore, using a geo-redundant backup system, which ensures restoration of data in multiple regions. These measures ensure no loss of data should hostile penetration be attempted.

Impero is hosted and protected by Microsoft Azure using their North and Western Europe data centers. All servers and applications are systematized to automatically apply security patches and rebooting if necessary. Any hostile intrusions are immediately detected and deflected by the firewalls.

Security compliance audit

An ISAE 3000 statement, issued by the International Federation of Accountants, concerning the relevant processes and IT general computer controls operated by Impero is prepared annually by an external audit partner. Part of the controls performed internally is a review of relevant audit statements covering the Microsoft Azure resources. Among these is the SoC2 report that includes, but is not limited to, the following:

  • Backup and restoration
  • Infrastructure
  • Firewall
  • Patching
  • Antivirus
  • Business continuity management

Read on for more information on how we protect your data in our Security White Paper.