You are here because security matters to you. We know you need to be sure your service providers (like us) take security as seriously as you do. Below you'll find more information on how we ensure the safety of your data in Avisi's Atlassian Apps.
ISO 27001 is an international standard providing requirements for an information security management system. We use this system to manage sensitive information and evaluate and mitigate security risks. As part of our certification we:
- Continuously evaluate and improve our security, privacy and compliance processes and controls.
- Have implemented a suite of information security controls to address security risks.
- Systematically evaluate our information security risks, impact and vulnerabilities.
- Have implemented an audit and compliance management process.
Avisi Apps B.V. has received its current ISO 27001:2017 certificate from Certicus in June 2020.
SOC 2 is an international standard for IT service providers to demonstrate how they manage (customer)data, based on a set of "Trust Services Criteria". These criteria include security, availability, integrity and confidentiality. Based on an assurance statement it is determined whether a organisation complies with SOC 2. Avisi Apps has been in possession of a SOC 2 Type II declaration since 2021.
Avisi B.V. is part of the cloud security program with Atlassian. This is a collaboration between vendors and Atlassian to increase security awareness and improve security practices.
Security is our top priority. To make sure our practices are up to standard, we are audited by an independent and certified third-party. We take their reports very seriously and have a process in place to address any issues that present risks to us or our customers.
We make sure that our employees can be trusted with your data:
- All employees are trained to make security a priority.
- Production data is only accessible by a select group of employees.
- Production data access is registered by an audit log.
- Production data access is controlled by the four-eyes principle.
- We have 'employee leaving' procedures in place.
- We only work on computers with full disk encryption and a strict locking policy.
We highly value privacy and the protection of your personal data. Therefore, we have put forward a Data Processing Addendum, tailored to our products and services. In the Data Processing Addendum, we mutually agree on how we handle and protect personal data on your behalf.
Our cloud apps don't completely run in Atlassian's host products. Part of their functionality is taken care of on our servers. Here is how we make sure that our cloud apps are secure: