Tradebyte is ISO 27001:2022 certified


Security is at the core of everything we do. Our Information Security Management System (ISMS) is built on the ISO 27001:2022 standard, ensuring a structured approach to protecting data and mitigating risks.

What’s an ISMS?
Our ISMS is a structured framework for managing information security, based on ISO 27001. It ensures risks are proactively managed to protect the confidentiality, integrity, and availability of data.

How we keep your data safe:

  • Strict access controls
  • Continuous risk monitoring
  • Regular external audits
  • Rapid incident response

This internationally recognised certification demonstrates our commitment to robust security practices, proactively managing risks to safeguard the confidentiality, integrity, and availability of our data. Our compliance is independently audited and certified through yearly external assessments.

View our certificate

Key Security Measures

To protect our systems and data, we implement over 100 security controls. Here are some of the most critical ones:

Vulnerability Management

We use advanced open-source scanners to continuously assess code repositories and infrastructure. Detected vulnerabilities are automatically categorised and scheduled for mitigation.

Web Application Firewalls (WAFs)

WAFs shield our web applications from malicious traffic by filtering and blocking threats before they can cause harm.

Intrusion detection and prevention system (IDS/IPS)

Our host-based IDS/IPS identifies and prevents suspicious activities using pattern recognition and heuristics.

Security Information and Event Management (SIEM)

We centralise security alerts from multiple sources, including vulnerability management, WAFs, and IDS/IPS, to ensure rapid response to potential incidents.

Penetration Testing

We conduct biannual penetration tests on our TB.One application, feeding any findings into our vulnerability management system for resolution and verification.

Multi-factor authentication and single sign-on

We enforce MFA for all applications handling personally identifiable information (PII). Single sign-on enhances security while improving user convenience.

Encryption at rest and in transit

Sensitive data is classified according to strict standards and encrypted using state-of-the-art methods, both in storage and during transit.

Data Loss Prevention (DLP)

Our DLP system blocks unauthorised external storage devices to prevent malware infections and restricts the transfer of sensitive data to prevent breaches.

External Attack Surface Management

We proactively monitor the dark web and instant messaging services for potential security threats and identify fraudulent domains to prevent impersonation.

Secure Software Development Life Cycle (SDLC)

Our SDLC framework embeds security into every stage of software development, ensuring robust protection against potential threats.

Backup and Recovery

We have dedicated backup and restore processes for all critical services, ensuring data availability and rapid recovery when needed.

Business Continuity Management

Our Business Continuity Plan (BCP) provides structured recovery procedures in case of major disruptions. We test the plan annually through realistic disaster simulations.

AWS Security

Our infrastructure is hosted on AWS, leveraging key security features such as:

  • Virtual Private Clouds (VPCs): network separation for enhanced security.
  • DDoS protection: AWS Shield defends against denial-of-service attacks.
  • High availability: services run across multiple availability zones in Frankfurt, with Ireland as the failover region.
  • AWS CloudTrail: API activity logging for monitoring and auditing.

Security Awareness Training

All employees participate in monthly security awareness training, covering topics like social engineering, phishing, and ransomware through interactive content.

Phishing simulations

Regular phishing simulations test our employees’ ability to detect and respond to cyber threats, reinforcing security best practices.

Privacy

Our technical and organisational measures (TOMs) ensure compliance with the General Data Protection Regulation (GDPR).

View our TOMs or contact: dataprotection@tradebyte.com.

Get in touch

For security-related enquiries: contact.security@tradebyte.com

For privacy-related enquiries: dataprotection@tradebyte.com

Already a Tradebyte customer? Reach out to your Key Account Manager for more information.