Security at Trustelem

Trustelem takes a defense-in-depth approach, implementing a solid set of redundant security measures to protect client data and processes. These measures are organized in terms of infrastructure security, application security and operational security.

Infrastructure security

Trustelem's application servers are redundantly deployed in two different datacenters by an ISO 27001-certified cybersecurity hosting partner. The operation of these servers is performed by a team specializing in secure infrastructure management.

To provide multi-operator redundancy, a replicate is also deployed elsewhere in another ISO 27001-certified datacenter.

Infrastructure penetration tests are carried out at regular intervals, by highly experienced, external cybersecurity experts.

Application security

Server application

The server application is built on Go language, the leading-edge open source technology, ensuring the highest security available.

Its architecture has been defined by our cybersecurity experts and its evolution is guided by secure development methodologies. In particular, changes to the application code are documented and validated by the Trustelem Technical Director and comprehensively tested on a dedicated infrastructure before being deployed.

Application penetration tests are carried out at regular intervals, by highly experienced, external cybersecurity experts.

The application is continuously monitored to ensure the availability of services.

The application has an intrinsically defensive design:

Trustelem AD Connect application

As part of the use of Trustelem with Active Directory, customers are encouraged to install the Trustelem AD Connect software on their own infrastructure. It is in the process of being certified by the France’s National Cybersecurity Agency (ANSSI).

Operational security

Information Security Management System

To enhance its internal security, Trustelem has put in place an Information Security Management System (ISMS). Risk analysis is regularly performed and Information Security Policy updated.

The main security procedures put in place are:

In addition, Trustelem has a business continuity plan, comprehensively designed to address adverse events.

Operational Certification: ISO 27001

The ISO 27001 certification process is underway on the Trustelem ISMS. A simplified Statement of Applicability and the Information Security Policy are available upon request.

Our experts are at your disposal for any additional information regarding Trustelem's security management. Contact us!