Updated on June 21, 2022

Data Security

Keeping your account and data secure is one of our most important tasks. Below we will answer the most common questions related to information and data security in Konsolidator.

If you can’t find the answer to your specific security questions, then please write an email to security@konsolidator.com.

Is our data secure with Konsolidator?

We care deeply about your data. And as our business depends on security, we have implemented several technical and organizational measures to ensure data security.

Please read further for more information on how exactly we do this.

How do you work with information security in Konsolidator?

Konsolidator’s efforts within information security, specifically our information security program, are risk-based and founded on the international standard for managing information security, ISO27001.

Konsolidator has received an ISAE 3402 assurance report from an independent auditor. In addition, we execute penetration tests annually with an external partner and perform regular employee training activities within the information security area to ensure we maintain our level of security.

The information security program is operationalized through an annual cycle. The responsibility for information security in Konsolidator lies with the CFO (Chief Financial Officer).

Where is our data stored?

Your data is stored in Microsoft Azure datacenters within the EU. We use a highly redundant database service that provides resilience and backup/restore management. All data is stored and processed within the EU in compliance with the EU Data Protection Directive.

Microsoft Azure is a multi-certified CSP; if you are interested in reading their ISO, SOC, etc., you can find them here: https://servicetrust.microsoft.com/

How is our data managed and backed up?

For business continuity purposes, Konsolidator performs a two-tier backup process, which is tested at least annually. All backups are retained in Microsoft Azure to ensure the same level of security and access as all other infrastructure.

Communication between your browser and Konsolidator, as well as any API access, is encrypted using the HTTPS protocol and SSL certificates.
Konsolidator databases are encrypted at rest to prevent malicious or unintentional access from outside Konsolidator.

Are your servers and infrastructure secure?

The Konsolidator production and development environments are hosted in Microsoft Azure. Microsoft Azure manages physical and environmental security-related controls for Konsolidator servers, including buildings, locks, or keys used on doors.

“Microsoft takes a layered approach to physical security, to reduce the risk of unauthorized users gaining physical access to data and the data center resources. Datacenters managed by Microsoft have extensive layers of protection: access approval at the facility’s perimeter, at the building’s perimeter, inside the building, and on the data center floor.”

https://docs.microsoft.com/en-us/azure/security/fundamentals/physical-security