ABsmartly Commitment to Information Security
Last updated: 23-01-2024
Our Commitment
Protecting ABsmartly information and reputation is of utmost priority. We value the importance of being transparent about our security posture and how security is embedded into our DNA, since very early days.
We strive to provide our customers with the confidence to choose ABsmartly as a trusted vendor. To do so, we have implemented an information security management system (ISMS), based on international standards and best practices, and managed by dedicated resources.
ABsmartly ISMS has been certified against the ISO/IEC 27001:2013 international standard.
Security Controls
Human Resources
Mandatory acknowledgement of security policies and periodic security awareness training.
Formally defined roles and responsibilities related to our information security processes.
Confidentiality agreements established with all personnel.
Data Protection
Encryption of all data both in transit, and at rest.
User access controls including single sign on and mandatory multifactor authentication.
Logging and monitoring processes and technologies with automated alerting.
Secure Development
Secure Software Development Lifecycle with a security-by-design approach.
Code reviews against OWASP Top 10.
Security Testing
Periodic penetration testing performed by independent third-parties.
Ongoing vulnerability scans.
Infrastructure Security
Change management program ensuring all changes are evaluated, tested and formally approved.
Systems hardening according to industry standards and best practices.
Centralized endpoint management solution with enforcement of security policies.
Availability
Relying on leading cloud services providers which offer highly-available, resilient and redundant infrastructures.
Incident Management
Formally defined incident management procedures to address incidents which may impact the confidentiality, integrity or availability of our client’s information.
Report Suspected Vulnerabilities
If you found a potential issue which may compromise the security of our products or services, you are welcome to contact us at vulnerability-report@absmartly.com.
ABsmartly takes security very seriously, and will investigate all reported vulnerabilities. Kindly consider providing any supporting material (e.g., PoC, tool output) which can contribute to effectively understanding the severity of the vulnerability.