Security & Compliance

We pay special attention to security. Already during the design phase of each solution and feature, we take into consideration questions related to data security and security of processes performed by the system.

We implement our own original technology, which we subject to meticulous testing. We don't use ready-made components, since all features of iPresso are developed by our company. This gives us complete control over source code, processes, resources and operating logic of all the parts of the system.

The following audits are systematically conducted:

keyboard_arrow_rightPenetration tests

keyboard_arrow_rightData security management

keyboard_arrow_rightService quality management

keyboard_arrow_rightPhysical security

keyboard_arrow_rightCompliance with the norms in force

Physical Security

Designed to deny unauthorized access to facilities, equipment and resources and to protect personnel and property from damage or harm; Involves the use of multiple layers of interdependent systems which include CCTV surveillance, security guards, protective barriers, locks, access control protocols.

Multi-level security zones in DC
DC with Tier III and Tier IV
Redundancy of key physical infrastructure components
Independent locations
Team of administrators
Network security

Consists of the policies and practices adopted to prevent and monitor unauthorized access, misuse, modification, or denial of a computer network and network-accessible resources; involves the authorization of access to data in a network, which is controlled by the network administrator.

HTTPS
Secure architecture
Incident management
Redundancy of key network infrastructure components
Performance
Large data volumes handled in real time
Maintenance of database > 5 milion contacts
SLA > 99%
Monitoring
Transmission
SSL/TLS
Firewall
Security Incident Event Management
Access Control
Password policy
Unique addresses
IP limits
LDAP (Management of roles and groups of users)
SSO
2FA
R&D accessible internally via VPN
GDPR
Management of marketing consents
Unsubscribe pages
Various variants of profile pages
Statistics
Data anonymization and deletion
Norms
ISO 27001
ISO 9001
Privacy policy
Security policy
Conformity with IAB standards