Word-class security
Cybersecurity
- Partnership with industry leaders in the area of cybersecurity.
- Regular penetration tests performed by specialists in the market like Cobalt, EY, and Redguard.
- Internal 24/7 DevSecOps team to protect customer data.
Mobile device security
- Multiple layers of strong encryption to ensure the confidentiality and integrity of customer data.
- Remote wiping capability in order to remove sensitive data from lost or stolen devices.
Independent auditing
- In addition to various ISO-certification of our top-notch data centers, Sherpany holds its own ISO 27001 and ISAE 3000 Type II certificates.
- Compliance with European industry best practices for the simplification of the compliance processes of our customers.
- Access to Audit Logs via a Self Service Portal to control and monitor the access of information within the organisation.
Compliance
To support the compliance processes of customers, we are compliant with:
- General Data Protection Regulation (GDPR)
- Banking secrecy
- FINMA Outsourcing
- Swiss Data Protection Regulation (DSG)
Infrastructure security
- Strong end-to-end encryption to protect customer data from unauthorised access.
- State-of-the-art perimeter defence to keep attackers out.
- Monitoring and alerting to ensure it and security operations.
- Complete audit trail to be able to reconstruct past events.
Logical Access control
- User or group access defined and managed by the customer.
- Highly secure and convenient 2-Factor-Authentication to protect accounts from unauthorised access.
Datacenter Security
Both data centers are located in Switzerland and offer a top-notch hosting environment with multiple layers of security. Data center security includes:
- A variety of physical security measures to prevent unauthorised access to the equipment.
- Local redundancies to eliminate single point of failures.
- Geographically independent set-up to be prepared for worst-case scenarios.
- ISO 27001 certifications to demonstrate compliance with industry best practices.
