Security statement

Prepared on: 20/10/2020

Security statement

We are a security company, so we must lead by example by using the highest possible standards. Therefore, in all cases, we take the following approach with regard to protecting our employees, customers, partners and the company as a whole.

Security controls

  • Data transmission is encrypted based on modern standards.
  • Data storage is encrypted based on modern standards. *
  • Data transfers and storage are protected with anti-malware, exploit and cryptoware solutions. *
  • Data-storage locations have versioning and/or encrypted replication backup methodologies. *
  • Data archives and backups are stored using a retention period of 10 years. *
  • Accounts use strong passwords and two-factor authentication. *
  • Privileges are granted on the basis of the ‘Least Privilege Principle’.
  • Attempts to access are granted only when identification and authentication have been completed.
  • Security patches are installed within 1 month of their release.
  • Software, hardware and services are supported by their suppliers and are not labeled as “End-of-Life”.
  • Software, hardware and services are securely configured before use.
  • Publicly accessible systems are protected with (application) firewalls and anti-DDoS solutions. *
  • Emails that are sent are protected with anti-spoofing measures and digital signatures. *
  • Processing of personal data takes place with due observance of applicable laws and regulations, including the General Data Protection Regulation (GDPR).
  • We are transparent about security breaches, data leaks, legal requests for access to data processing and responsible disclosure of vulnerabilities.

*) These technologies are not everywhere present, thus its application is limited with its availability.

Phishing and general email addresses

Recognizing phishing is important. We have applied all possible measures (SPF, DKIM and DMARC) to prevent false emails on our behalf. Do you suspect that you have received phishing or spam on behalf of us? Then you can find an overview below with our general email addresses that we use for customer contact. If the email address is different, it is most likely a spoofed email or phishing.

We use the domains mite3.nl, and finance.mite3.nl to send and receive email. The generic email addresses below are used by us.

If you still have questions or want to know more, don’t hesitate to contact us at the email address [email protected].