security-header
application-secuirty

Application Security

We take steps to securely develop and test against security threats to ensure the safety of our customer data.

  • 2 Factor Authentication
  • Single Sign On (SSO)
  • AES – GCM 256-bit Encryption (Data at Rest)
  • AES 256-bit SSL / TLS (Data in transit)

Data Centre

Perivan Technology’s Software-as-a-Service (SaaS) production environment are hosted by Amazon (AWS) at their advanced facilities in London England and Dublin Ireland. Perivan Technology operations personnel have full and complete responsibility for the management of the servers, networks, databases, applications, and system monitoring.

Amazon is SOC 1, SOC 2, SOC 3, DoD SRG, FedRAMP, FIPS, ISO 27001, ISO 9001, ISO 27017, ISO 27018 and PCI-DSS Level 1 compliant.

data-centre
mobile-security

Mobile App Security

All access points into our applications are built with security in mind, with our mobile apps being no different.

  • Multi factor Authentication (including Pin, which is separate to device pin)
  • 256-bit SSL secured data transfer between mobile apps and secure host
  • Public Key certificate pinning to mitigate ‘Man in the Middle’ attacks
  • Remote wiping

ISO27001

Perivan Technology verifies compliance to the highest security standards by undertaking annual ISO27001 audits for Security, Availability and Confidentiality. Perivan Technology’s controls are designed to be in line with ISO27001 and other industry best practice criteria. Areas where controls are reviewed and tested include:

  • Security Policies and Procedures
  • Risk Management and Executive Oversight
  • Engineering LifeCycle for Applications (SDLC, Change Management, QA, Separate development environment, Source Code protection, etc.)
  • Customer Support – Ticket Processing and Escalation
  • Third Party Security Testing – External penetration testing and application
  • Authenticated testing against OWASP Top 10 vulnerabilities • Security Infrastructure (Firewalls, Intrusion Prevention,Monitoring, etc.)
  • Internal IT Security
firewall