Security & Compliance

We pay special attention to security. Already during the design phase of each solution and feature, we take into consideration questions related to data security and security of processes performed by the system.

We implement our own original technology, which we subject to meticulous testing. We don't use ready-made components, since all features of iPresso are developed by our company. This gives us complete control over source code, processes, resources and operating logic of all the parts of the system.

Physical Security

Designed to deny unauthorized access to facilities, equipment and resources and to protect personnel and property from damage or harm; Involves the use of multiple layers of interdependent systems which include CCTV surveillance, security guards, protective barriers, locks, access control protocols.

  • Multi-level security zones
  • DC with Tier III and Tier IV
  • Redundancy of key physical infrastructure components
  • Independent locations
  • Team of administrators

Network security

Consists of the policies and practices adopted to prevent and monitor unauthorized access, misuse, modification, or denial of a computer network and network-accessible resources; involves the authorization of access to data in a network, which is controlled by the network administrator.

  • HTTPS
  • Secure architecture
  • Incident management
  • Redundancy of key network infrastructure components

Performance

  • Large data volumes handled in real time
  • Maintenance of database > 5 milion contacts
  • SLA > 99%
  • Monitoring

Transmission

  • SSL/TLS
  • Firewall
  • Security Incident Event Management

Access Control

  • Password policy
  • Unique addresses
  • IP limits
  • LDAP (Management of roles and groups of users)
  • SSO
  • 2FA
  • R&D accessible internally via VPN

GDPR

  • Management of marketing consents
  • Unsubscribe pages
  • Various variants of profile pages
  • Statistics
  • Data anonymization and deletion

Norms

  • ISO 27001
  • ISO 9001
  • Privacy policy
  • Security policy
  • Conformity with IAB standards

The following audits are systematically conducted

  • Penetration tests
  • Data security management
  • Service quality management
  • Physical security
  • Compliance with the norms in force

Physical Security

Designed to deny unauthorized access to facilities, equipment and resources and to protect personnel and property from damage or harm; Involves the use of multiple layers of interdependent systems which include CCTV surveillance, security guards, protective barriers, locks, access control protocols.

  • Multi-level security zones
  • DC with Tier III and Tier IV
  • Redundancy of key physical infrastructure components
  • Independent locations
  • Team of administrators

Network scurity

Consists of the policies and practices adopted to prevent and monitor unauthorized access, misuse, modification, or denial of a computer network and network-accessible resources; involves the authorization of access to data in a network, which is controlled by the network administrator.

  • HTTPS
  • Secure architecture
  • Incident management
  • Redundancy of key network infrastructure components

Performance

  • Large data volumes handled in real time
  • Maintenance of database > 5 milion contacts
  • SLA > 99%
  • Monitoring

Transmission

  • SSL/TLS
  • Firewall
  • Security Incident Event Management

Access Control

  • Password policy
  • Unique addresses
  • IP limits
  • LDAP (Management of roles and groups of users)
  • SSO
  • 2FA
  • R&D accessible internally via VPN

GDPR

  • Management of marketing consents
  • Unsubscribe pages
  • Various variants of profile pages
  • Statistics
  • Data anonymization and deletion

Norms

  • ISO 27001
  • ISO 9001
  • Privacy policy
  • Security policy
  • Conformity with IAB standards

The following audits are systematically conducted

  • Penetration tests
  • Data security management
  • Service quality management
  • Physical security
  • Compliance with the norms in force