Cloud Infrastructure Security
Simeio’s technical team’s experience in developing and operating market-leading cloud services helps clients pick the right provider specified to their needs. This enabled us to build in security and availability at every layer, from physical security through to laptop, network, and storage. The security and privacy measures are proven during our annual third-party audits and certifications.
- Protecting data at every point within the cloud infrastructure which includes storage, computer, and data transmission
- Service providers are carefully selected to meet Simeio’s data protection standards
- 24x7x365 infrastructure monitoring and other components where the services are defined
- Achieved gold-level certification from Cloud Security Alliance’s (CSA) Security, Trust, and Assurance Registry (STAR)
- Certified in ISO/IEC 27001:2013 and conforms to the requirements of ISO 27001 standard
- SOC 2 (Security) compliant
People and Procedures
Simeio has a dedicated security and risk compliance team that handles security incident responses. With a comprehensive Security Incident Response Plan and Breach Reporting Policy, Simeio is able to effectively respond and manage all security and data privacy incidents.
- Simeio has established policies and procedures that meet our security and compliance commitments to internal users, customers, and regulations. These are communicated internally via the company intranet, periodic training sessions, and regular workshops
- A steering committee for infosec and compliance has been formed comprising Senior Management members / Head of Departments which meet on a quarterly basis to exercise oversight, provide directions for the development, and assessment of the internal controls
Data Security and Privacy
Simeio is certified with the control set within ISO/IEC 27018:2019, which provides protection for personally identifiable information (PII) on the cloud. Our expertise in protecting customer data reflects in the following ways:
- Customer data is encrypted when in rest and when in transit.
- User endpoints are encrypted and configured with antivirus solutions.
- Annual information security and privacy training are mandatory for all employees.
- Security and privacy audits are conducted by a third party. Simeio is SOC2 and GDPR compliant for security and privacy.