Safety and Reliability
SpinOffice CRM’s information security policy is based on ensuring that all information that customers add to the database is optimally protected.
The following concepts are central:
- Availability: is the data available at any time?
- Integrity: is the data correct?
- Confidentiality: do only authorized persons have access to my data?
SpinOffice CRM uses a ‘defense in depth’ strategy. So multiple layers of security apply. If one of the layers fails, the next layer will still provide protection. This applies to ensure the availability, integrity and confidentiality of the application
SpinOffice CRM uses the following components:
- Servers and data centers: e use Amazon Web Services (AWS) to host the application servers needed to run SpinOffice CRM. We have created a so-called ‘private network’ on AWS. Our databases are encrypted with a unique company key and all files stored in SpinOffice are encrypted. AWS is certified via ISO 27001, among others. In terms of availability, we guarantee at least 99.9% uptime for the database servers we purchase.
- Backup: EA copy of our database is automatically made daily. The backups are stored within the EU. We use Amazon Web Services for this purpose.
- Monitoring 24/7: In addition, SpinOffice CRM continuously monitors the availability of our services via software. Problems that our users experience are in most cases immediately identified and addressed by our system administrators.
- Secured web services: The web services are secured with SSL certificates that verify the user’s authenticity. The data sent between users and SpinOffice CRM is encrypted and secured with this SSL (https) connection.
- Security scan: Our web services are continuously monitored for unusual traffic (Spam and Malware), the SSL connection is also checked. Various anti-virus and anti-malware measures have been implemented.
- Alerts We receive alerts based on suspicious log events so that we can act immediately.
- Patch policy To roll out security patches very quickly.
- Confidentiality: Our employees are aware of the risks of working with online data. SpinOffice CRM applies strict separation of duties. All employees have signed a confidentiality statement.
Providing unauthorized access to SpinOffice CRM data or systems is not permitted. We will report this if we observe these activities.