Information Security

ESILAB is ISO/IEC 27001:2013 certified - the industry standard for information and data security management. This certification involved an expert assessment of our organization's data protection measures, including people, processes, and technology. We maintain a full suite of best practices and documentation and a framework for continuous improvement to minimize risks to both our own IT systems and sensitive customer data.

 

We have a resilient environment with enterprise-grade high availability and disaster recovery, built around ACID transactions. Our automated failover system provides fault tolerance to prevent interruptions and ensure uninterrupted access to data. Our access control mechanisms include LDAP, Kerberos, and SSL client certificates, as well as role-based access control to ensure that only authorized personnel have access to data.

 

We also provide data encryption "at-rest" and "in-motion" (if requested) using AES-256 encryption and SSL/TLS and generate audit logs to record all user and system activity to facilitate the identification of potential security threats. If required, our Delivery Module’s redaction capabilities allow administrators to selectively hide sensitive information within structured, semi-structured and unstructured data sets ensuring that such information is only available on a need to know basis.