Information security

We ensure that all sensitive interactions, such as API calls, logins, and authenticated sessions with the RegLab application, are encrypted in transit using TLS 1.2 or 1.3 with RSA 2,048-bit keys or stronger. Secure Sockets Layer and Transport Layer Security (SSL/TLS) encryption is available by default to protect your data. For more information, please visit the following link: https://www.ssllabs.com/ssltest/analyze.html?d=clientidentification.com

Data stored on our SaaS servers is encrypted using industry best practices. We employ a FIPS 140-2 validated cryptographic module for storage encryption. All data, including backups and temporary files created during query execution, is encrypted on disk. We use the AES 256-bit cipher as part of Azure storage encryption, with system-managed keys. This encryption is always enabled and cannot be disabled.

Yes, we can track changes to sensitive data. Our application maintains detailed user logs, general system logs, and production logs. Additionally, important events are recorded in an audit trail within the application. This ensures that any modifications to sensitive data are tracked and documented.

Yes, access to the audit trail and logs is secured and strictly limited to designated personnel only, ensuring that they are tamper-evident and regularly monitored.

Yes, we have backup policies in place. Redundant daily backups are automatically stored across our primary cloud storage providers.

We maintain comprehensive backup and recovery procedures, including automated backups and off-site storage, to safeguard your data and minimize downtime in case of any disruptions.

Yes, our backups are replicated and stored in zone-redundant storage, within the European Union (EU).

Yes, we employ a multi-layered approach to data security. Backups are encrypted using AES 256-bit encryption, and we apply additional encryption at the field/row level for personally identifiable information, utilizing strong algorithms.

You can export all your data from our application into a CSV or Excel document at any time. If you need your data in a different format, please contact us to discuss available options.

We are committed to maintaining a high level of service availability, with an uptime of 99%.

We use the globally recognised ISO27001 information security standard. A certified auditor conducts an annual audit.

Yes, we ensure robust protection against potential threats by deploying sufficient anti-malware software. All RegLab devices are protected by Microsoft Defender.

Yes, we employ robust password protection solutions, e.g. a password manager and encryption, which are enforced through Microsoft Intune policies. These security measures are mandatory and applied consistently across all employee devices to ensure comprehensive protection of sensitive information.

Yes, to monitor and manage vulnerabilities, we have static analysis, dynamic analysis, vulnerability assessment, and dependency scanning tools in place. These tools help us identify and address potential security issues promptly, ensuring the integrity and security of our application.