In addition, the most important security measures implemented in our organisation are:
All Zivver employees and other personnel are subject to adequate and extensive confidentiality obligations. Zivver also performs background checks before employees start at Zivver, including requiring a Certificate of Conduct issued by the governmental authority of the country in which the new employee is residing or recently has resided. We keep our information security policies and our Information Security Management System documentation up to date. All employees frequently participate in security awareness sessions and training.
Zivver employees or suppliers never have access to messages or attachments sent via Zivver by our users. Access to other user and customer data, like the email address and name, is limited on a need-to-know basis. Access is always approved by a member of the leadership team and the Information Security Officer (ISO). The access is reviewed on a monthly basis.
Assets and Office Security
The workstations are kept secure by timely installing security updates and keeping the anti-virus software up to date. In addition, we keep a list of software that is allowed to be used by Zivver employees, which have gone through a strict vetting process and ultimately approved by the ISO for security and compliance aspects.
The security of our internal IT has been audited and we have received the Cyber Essentials Plus Certificate.
The office is well protected by several measures, such as an alarm and access control and a fully functioning front desk security. Additionally, Zivver has implemented a clear screen policy, a clean desk policy and a ‘always lock your computer if you leave your desk policy’.
Zivver has standard and tested security incident response procedures. The procedures make sure we take the required steps. For every incident we identify the root cause and possible improvement actions, such as changing/updating policies and procedures or adding additional checks.
Additionally, Zivver annually tests its business continuity plans.
Would you like to know in depth how Zivver organizes their own encryption and privacy by design? Download the whitepaper by clicking the button below.