Security measures: Buy with confidence

As a supplier of GRC (governance, risk and compliance) software, Vigilant Software takes security seriously.

We are certified to the ISO 27001 information security, ISO 27701 privacy and ISO 9001 quality standards. We follow a secure development lifecycle and are continually improving our software by including security enhancements throughout our development roadmap.

Measures we have taken to ensure your data is secure:

  • Our CyberComply platform is built on Microsoft’s Azure platform and hosted in its EU data centres. Azure is certified and audited to numerous security standards, including ISO 27001, SOC 1, 2 and 3, and CSA STAR. More details on Azure’s credentials can be found here.
  • Our software is developed to OWASP standards and our developers are trained accordingly.
  • Structured data is retained in Azure SQL managed databases that are continually backed up, with backups retained for 30 days, in the unlikely event of a catastrophic failure.
  • All data is encrypted at rest and in transit using best practices founded on secure, mainstream encryption protocols.
  • The application is configured to fail over automatically in the event of a data centre failure.
  • CyberComply is regularly penetration tested and summary test results are available on request, under NDA (non-disclosure agreement).
  • CyberComply is not affected by Log4Shell. The Log4Shell vulnerability affects applications that use the Log4j Java logging library, and allows an attacker to execute code directly on the application server. Criminals are already using it to gain access to networks, systems and data held within applications, and to cryptojack target resources. CyberComply does not use the Log4j library, nor does the application run in a Java Virtual Machine environment, so it is unaffected by this vulnerability. Furthermore, the Java Naming and Directory Interface (JNDI) that is necessary for the Log4Shell vulnerability to be exploited is not present in any of our infrastructure. You can rest assured that all of your data within CyberComply is secure.

Speak to our experts for more information about our software solutions