Admincontrol – security
Privacy and security are essential elements for Admincontrol and our customers. This is ensured by a constant focus on these elements when developing our solutions as well as during daily operations.
Our security measures ensure that our customers data is secure and available only to the registered users with documented access. On a regular basis, Admincontrol undergo audits by a certified IT auditor to make sure the control environment at Admincontrol is in line with industry best practices and established frameworks.
Certifications & Compliance
SOC stands for “System and Organization Controls”. Companies that use cloud service providers use SOC 2 reports to assess and address the risks associated with third party technology services.
The ISO 27001:2013 certification in Admincontrol covers the entire business, process and Products. This proves our commitment to providing excellent security throughout every aspect of our service.
Admincontrol is part of the Digital Marketplace’s G-Cloud 11 initiative, designed to simplify procurement of cloud-related software, IT services and technologies by public sector organisations. It centralises the vendor qualification process, removing lengthy, complicated procurement requirements for every IT purchase.
In Admincontrol we have taken all necessary measures to ensure that we, when we are responsible for the collection of personal data (Data Controller) and where we process personal data on behalf of our customers (Data Processor), is performed in line with the requirements of the GDPR.
Application penetration tests of our Web & Mobile Applications are performed on regular basis by Third party security experts who systematically attempts to penetrate our systems on our behalf and with our permission to find security holes that a hacker could potentially exploit.
How often are you testing?
Each upcoming release of our solution undergo penetration tests by Third party security experts, any identified vulnerabilities are fixed before a new release of our solution are put into production. This is to ensure that we always have a secure solution.
Are you tested against OWASP Top 10?
All penetration tests are performed using OWASP methodology and against OWASP Top 10. In addition, we verify our service against OWASP ASVS L2 on annual basis.
Vulnerability scans are used to find vulnerabilities within our infrastructure and applications. For this we use some of the top vulnerability and Web Application Security scanners on the market. This enable us to scan our systems for well know & latest security vulnerabilities.
As part of being a company in the Visma group we participate in the Visma Responsible Disclosure program. This allows security researchers to report any security issues within our products in a responsible way. For more information on Responsible Disclosure and how to report see: Responsible Disclosure Policy.
For further data processing details, compliance and security, Read more about data security here.
Five reasons for choosing an ISO-certified supplier
What are the actual benefits for you as a customer in choosing an ISO-certified supplier? This is what we’ll look at in this blog post.
How to avoid cyberattacks
How do you see the present threat picture? How can we protect our company against data leaks? Who is responsible for security in the company? These are questions that this article answers.
Watch out for fake emails
Fake emails are a common method used by cyber criminals. They pretend to be coming from a trusted party such as Admincontrol with the intention of enticing you into revealing information they can use in an attack against you or your company.
10 Steps to cyber security protection with Admincontrol
Protecting your data is of upmost importance and at the same time you must be able to share your documents with key individuals and your partners easily.
ADMINCONTROL IS ISO 27001:2013 CERTIFIED
After two years of dedicated work, Admincontrol was ISO 27001:2013 certified in 2018.