Data protection and security are of utmost importance to us
- Frequent communication with professional cybersecurity advisors from around the world
verifcv cybersecurity in a nutshell
Collaborators, RSSI and CISO
We guarantee the total security of your data and IT systems
Cybersecurity training for all of our teams
- Global process auditing
- Individual team member training and improvement processes
System access security measures
- Users must change their password after a certain time period
- 2-Step identification method at each login
- Encryption of sensitive documents (diplomas, identification documents…)
- Regular audits of access and login procedures
Permanant protection of all data
- Secure servers located in France (Scaleway)
- Secure Sockets Layer in all exchanges
- Transmission via https protocol
- Segmented passwords
- Daily audits and system back-ups
- Duplicated back-ups on multiple servers
- Intrusion drill programming
Stabilized security throughout all operations
- Continuation plan in place in the case of any disruption
- Reversibility plan available
- Quality management team in place
Information management at every level
- Indication of responsibilties for each role
- Creation of a risk management team
- Definition of procedures in the case of alert
- Regular testing of a continuation plan
Verifdiplomagroup philosophy: continuous improvement
- Regular internal and external audits
verifcv's commitment to cybersecurity in detail
Our goals
- Put state-of-the-art technology measures in place to assure maximum system security (process tracking and user authentification)
- Maintain an advanced level of knowledge concerning security measures
- Designate a team member who is responsible for system security
Infrastructure and Service Security
- We guarantee infrastructure security in line with ISO 27001 standards
- All infrastructure security information is communicated to the client
- The client will remain informed about security and data management changes (ex : server location change, technology update etc.)
- Anti-virus software is installed to avoid malware integration
- In the case of malware tampering,verifcv commits to researching the origin, consequences and remediation possibilities of the occasion.
- Regular tests will take place to survey the security of all systems accessed byverifcv
- Preventative and detective technology is in place to protect against negative impacts on servers, materials, etc.
Logical Access Controls
- All actions are time-stamped and conserved to perform audits and control tests.
- All relevant login and connection data may be transferred to the client upon request
Human Resources
- We take responsibility for all of our staff members and eventual sub-processors
Data Back-Ups
- verifcv regularly backs up all data in its' system to maintain a trace of all past activity. Additional details including data deletion and stockage will also be disclosed to the client.
Risk Management & Prevention
- All provided services are determined as free from any and all risks at the signature of each client agreement
- If a new risk or vulnerable area is identified byverifcv, the client and all third parties will be informed and accompanied in order to overcome the vulnerable area and prevent any impact on the client
Security Breach Management & Prevention
- Verifcv follows a strict framework of security surveillance to prevent all security breaches.
- The client will be notified in the event of any security breach that may put the client or candidate's data at risk throughout the service.
- The client will be assisted free of charge to reestablish an appropriate level of security.
These actions will strive to:
- bring the client into total legal and regulatory compliance
- communicate the impact of the breach to the client's customer's to obtain full transparency
Security Audits
- Infrastructure audits and IT intrusion tests may be performed by clients or the client's subcontractors given that they are not direct competitors of Verifdiploma.
- Parties who wish to perform audits may do so if they withhold the appropriate authorizations In the case of an intrusion risk being discovered in the system, verifcv commits to correcting and strengthening the system as quickly as possible
Business Continuity Plan (BCP)
- verifcv commits to maintaining a BCP in place to continue providing services in all situations
- The BCP remains updated and is reviewed regularly
- The plan is made available to clients upon their request
Our Technology
Verif·AI
Our technology is especially designed for the verification of degrees and optimal communication with recruiters.
Learn More