Security Policy

You are here because security matters to you. We know you need to be sure your service providers (like us) take security as seriously as you do. Below you'll find more information on how we ensure the safety of your data in Avisi's Atlassian Apps.

ISO 27001 Certification

ISO 27001 is an international standard providing requirements for an information security management system. We use this system to manage sensitive information and evaluate and mitigate security risks. As part of our certification we:

  • Continuously evaluate and improve our security, privacy and compliance processes and controls.

  • Have implemented a suite of information security controls to address security risks.

  • Systematically evaluate our information security risks, impact and vulnerabilities.

  • Have implemented an audit and compliance management process.

Avisi B.V. has received the ISO27001 certificate from Dekra in September 2017.

Atlassian Cloud Security program

Avisi B.V. is part of the cloud security program with Atlassian. This is a collaboration between vendors and Atlassian to increase security awareness and improve security practices.

You can find more information about this program here.

Audits

Security is our top priority. To make sure our practices are up to standard, we are audited by an independent and certified third-party. We take their reports very seriously and have a process in place to address any issues that present risks to us or our customers.

Employees

We make sure that our employees can be trusted with your data:

  • All employees are in possession of a Certificate of Conduct for handling sensitive information.

  • All employees are trained to make security a priority.

  • Production data is only accessible by a select group of employees.

  • Production data access is registered by an audit log.

  • Production data access is controlled by the four-eyes principle.

  • We have 'employee leaving' procedures in place.

  • We only work on computers with full disk encryption and a strict locking policy.

Data Processing Addendum

We highly value privacy and the protection of your personal data. Therefore, we have put forward a Data Processing Addendum, tailored to our products and services. In the Data Processing Addendum, we mutually agree on how we handle and protect personal data on your behalf.

Avisi Cloud Apps

Our cloud apps don't completely run in Atlassian's host products. Part of their functionality is taken care of on our servers. Here is how we make sure that our cloud apps are secure:

Questions

If you have any questions regarding our security policy, please contact us here: https://avisi-support.atlassian.net/servicedesk/customer/portals.