Security isn't just a priority at Enterspeed – it’s our passion.
Guided by our Information Security Management System (ISMS), we've implemented a robust security programme based on the ISO 27001:2013 international standard. This allows us to systematically assess and manage risks, threats, and vulnerabilities, ensuring the utmost security for customer information.
Accountability for security starts at the top. Our leadership team is fully committed to maintaining security competencies across all levels of our organisation. Through a comprehensive, unified approach, we strive to guarantee the confidentiality, availability, and integrity of your data.
For more details on our rigorous security measures, we invite you to explore this page. Know that with Enterspeed, your content and data are secured against unauthorised access with the highest level of care.
Enterspeed operates exclusively on Microsoft Azure, a platform that offers robust Infrastructure-as-a-Service (IaaS) with a focus on top-tier security capabilities. As a cloud-native service, our physical security requirements are managed and executed by Microsoft's compliant offerings; we do not maintain our own data centres.
Our data storage and delivery operations utilise data centres that are certified to be in full compliance with the ISO 27001 standard, ensuring maximum security for your valuable content.
Sensitive data, including connection strings utilised in our applications, are encrypted and managed through a specialised secret management service.
Rest assured that all data communication involving you, your services, and Enterspeed takes place over encrypted HTTPS channels utilising TLS v1.2. Additionally, transit data between Enterspeed and our Delivery Regions is encrypted to negate unauthorised third-party access.
We conduct multiple daily backups of customer-uploaded data and view data. These backups are stored across Azure's multi-regional infrastructure to provide an additional layer of security.
Our Software Development Kits (SDKs) are open-source, and we wholeheartedly welcome contributions from our developer community via GitHub.
Our development strategy leverages GitHub’s pull request mechanism for code reviews. Following a pull request approval, our engineers advance the code through the development lifecycle. Pair programming is regularly practiced in identifying bugs early on.
Upon code commitment to GitHub, our Continuous Integration (CI) processes automatically trigger an array of tests, including static code analysis to identify vulnerabilities.
Before deployment, code is subjected to both manual and automated QA testing in an isolated Azure environment to ensure its quality and integrity.
All Enterspeed team members, as well as contracted third parties, undergo regular security and data privacy awareness training relevant to their roles.
We ensure that all company-issued hardware and contracted third parties is equipped with encrypted storage.
Enterspeed maintains comprehensive internal policies concerning data privacy and security, readily accessible in our employee handbook.
We adhere to advanced password policies compliant with NIST guidelines and encourage the use of password managers for enhanced security. We also offer all employees a license for a password manager to use for their personal login items.
MFA is enforced across our primary services and strongly recommended for both employees and customers for all other services.
In the event of a security incident, a well-documented response plan is activated, involving customer notification and full cooperation with data protection authorities.
While we do not have a formal bug bounty programme, we are open to rewarding security researchers for responsible vulnerability disclosure.
For questions, incident reports, or to discuss security vulnerabilities, please contact us at email@example.com.
ResourcesPatternsBlogDemos & Examples Documentation API Documentation Product updates Newsletter signup Status
© 2020 - 2023 Enterspeed A/S. All rights reserved.
Made with ❤️ and ☕ in Denmark.