How is CoorpID made safe?
Your security is our utmost concern. CoorpID is secured on many layers and adheres to stringent security requirements. We continuously monitor and test our security and independent verifications are performed to verify our implementation.
You control access
Access to information can be easily be limited. CoorpID provides simple but fine grained control on who may access what both within and outside your organisation. Sharing of information can be started and stopped at any time.
Corporate administrator can block access of anyone remotely and you can always change your password or block your account. Emergency procedures are in place in case of theft or loss
To safeguard against eavesdropping and modification, all sensitive data is stored encrypted using strong and proven standards such as AES-256. A TLS connection is used to protect the data transfer, using strong and proven protocols for connection, encryption and keys: TLS 1.2+, AES and RSA.
The integrity of your documents is protected by a digital signature that is uniquely linked to your account.
We continuously monitor for possible fraudulent activities on several levels. We perform host and network intrusion detection to verify system integrity and monitor our application for suspicious actions.
We aim to have your data available 99.9% of the time. Your data is backed up and stored in at least two geographically separated datacentres to protect against data loss.
As you would expect, user are uniquely identified. They must choose their own strong passwords, which are stored in a derived, hashed form only to limit the impact in case of breaches.
Additional we offer several means to further secure your accounts, including support for
- Timebased OTP authentication. Use any authenticator app to generate TOTP identification codes only valid for that moment as extra identification.
- Hardware keys. Use FIDO2 U2F compatible hardware keys to identify yourself with the touch of a button.
What can you do?
Many attacks target end users and their devices and attempt to install spying software, trick users into providing credentials or navigate them fake sites.Protect yourself by
- Use up to date software with latest security patches
- Don‘t use public networks without a secure VPN
- Check the browser address and website certificates to ensure your are dealing with
- Verify email links before clicking them
Your data is stored within the EU and meets the GDPR regulations.