Security and trust

Signicat delivers business critical services to its customers. These trusted services are delivered in line with regulatory and best practice requirements.

Security and trust

Signicat delivers business critical services to its customers. These trusted services are delivered in line with regulatory and best practice requirements.
EU-Trust-Service-Provider

EU Trust Service Provider

As a Qualified Trust Service Provider, Signicat is one of a select few companies who can use the EU Trustmark and is part of the EU Trust List.

KYC-and-AML-compliance

Software as a Service

All Signicat services are delivered as Software as a Service (SaaS). Using Signicat services will benefit the customers as strict requirements will be implemented for all Signicat customers. Signicat have a great number of customers with high security requirements in regulated industries. This means that making these services secure is a primary concern for us, and it makes us focus on security in the development and operations of the services. We believe that we have good security, and are continuously improving the management system and control implementation.

Integrated-registry-and-database-lookups

Information security management

Signicat organizes it's security work by implementing a Information Security Management System (ISMS) following and certified in line with the ISO/IEC 27001:2013 standard. We have a dedicated Security and Quality organization lead by Signicat's CISO. The CISO leads and are part of Signicat's Information Security Board (ISB) which includes top-level management from different departments in Signicat. To ensure that the ISMS is performing and implemented in line with best practice we conduct an extensive audit program.

Eliminate-manual,-face-to-face-processes

Personal data and privacy

When processing personal data for the customers’ users, Signicat will act as a data processor according to European data protection law. Signicat offer a Data Processing Agreement (DPA) that are aligned with GDPR and performs an annual audit of its compliance of the DPA with a report which is available for customers.

Signicat secures personal data through strong logical and physical access controls. All personal data is encrypted in transport, as processed in line with the Signicat Privacy Policy.

Finnish-Trust-Network

Operation Management Plan

Signicat uses the ITIL framework to ensure that we have good processes in place. These processes take security requirements into consideration and these requirements are baked into the processes. The most important ITIL processes in Signicat are listed below:

  • Business Continuity Management
  • Access Control Management
  • Deployment Management
  • Event Management
  • Problem Management
  • Request fulfillment
  • Incident Management
  • Key Management

Get in touch

Want to talk to us about what we do, or need some additional information? Don’t hesitate to get in touch.