Security is paramount, that is what we are saying that we are doing. That means we have to do this ourselves as well. Below you will find an overview of security tests and our explanatory notes on them. Wherever technical possible we have applied all suggestions for improvements.
Our partner SecurityScorecard gives us the excellent rating A (100%) on our entire public digital footprint. We score an A (100%) in the area of Network Security, DNS Health, Patch management, and IP Reputation. With regard to Application Security we also score A (100%).
A summary from SecurityScorecard can be downloaded here.
Doing business with us means a 5 times smaller chance of a breach or data breach than with organizations that score C or lower!
A secure website starts with a secure connection. That is why we are putting everything in place to take all the security measures that we can.
Internet.nl therefore gives our website a score of 97%.
We have also taken the necessary steps regarding the configuration of our web servers. Not only the website and connection must be secure, but also the platform on which it runs.
ImmuniWeb therefore gives our website a score of A+.
Our website has a set of well-configured Security Headers. This means that the webbrowser can take specific security measures to ensure that our website cannot be misused to mislead you.
Security Headers therefore gives our website a score of an A.
We comply with the so-called HSTS preload status. With this, all modern web browsers know that our website should always be visited via HTTPS (encryption). So when someone breaks into your connection, the traffic cannot be diverted.
HSTS preload therefore indicates that our status for HSTS preload is allowed .
Our website has a strong and modern encryption standard! This means that the connection between your computer and our server is in a robust way encrypted.
Qualys SSL Labs therefore gives our website a score of an A+.
Secure email traffic
In addition to a secure website, secure email traffic can obviously not be missing. That’s why we do everything we can to keep our email traffic secure with all our customers and suppliers. For that, we have the highest score possible.
Internet.nl therefore gives our email environment a score of 75%.
Ethical hackers make a great contribution to the digital security of our society. In addition to having a procedure so that we can report found vulnerabilities, we also state below which valid reports have been made.
Our Hacker's Hall-of-Fame
- 2020/04/02 – Gul Hamee – Tabnabbing vulnerability on a set of links – no patch by Divi; removed “_blank” targets from links
- 2019/08/06 – Mansouri Badis – Denial of Service vulnerability in XML-RPC – no patch by WordPress; applied compensating controls
- 2019/06/03 – Asim – Denial of Service vulnerability in script-loader.php (CVE-2018-6389) – no patch by WordPress; applied compensating controls
Data breaches and legal requests
Security is one of course, but privacy is another. Here we communicate transparently and honestly about all our data breaches, and the number of data requests made by, for example, courts.
Overview data breaches
Fortunately, we have not had any data-leak yet!
Overview legal requests
We have not yet received legal requests for information regarding one or more of our customers.
There is something else that we find very important. And that is sustainability. With our company we depend on third parties for a sustainable approach. Because our company works entirely in the cloud. We do not have our own servers and other hardware, other than a laptop and a smartphone per employee.
For that reason we provide data or links to sustainability information of our core suppliers for data storage and processing capabilities.