We secure and protect your data.

Inyore is designed to demonstrate compliance with GDPR.

GDPR

With the EU General Data Protection Regulation (GDPR) becoming effective on May 25 2018, we have worked to update our policies and practices to align with the new GDPR requirements and principles and ensure a level of security appropriate to the risks as required by GDPR Article 13,14 & 32.

Inyore’s data protection strategy is three-pronged.

Encryption, Secure authentication, and comprehensive logging.


Encryption

Inyore encrypts data while in transmission, uses up-to-date protocols and secure data throughtout lifecycle.

  • Strong SHA2
  • 256-bit - Encryption
  • 99.9% browser recognition

Access controls

Inyore uses VPN, single sign-on and unique user accounts for all individual systems.

  • Role-based access controls (RBAC) for Inyore Employees and Organizations
  • Inyore gives access to data to each Employee and Company Admin relating to their organization.
  • Inyore team accesses the database data to make sure that the business needs and principles are always followed.
  • Employee Access can be removed by the organization Admin deactivating Employee active email address due to Employee job termination or any change within the organization.
  • Access requires organization approval and is tracked by their organization at all stages

Logging and monitoring

Inyore logs all Employees and Organization Admin activities, and responds them with alerts of any abnormal activity.

  • Web Application Firewall is in place to detect any inappropriate activity.
  • Logs are reviewed monthly and upon alert
  • Logs are retained for one year
We can back up what we say.

Inyore will undergo independent security auditing, vulnerability scanning and penetration testing


Industry-standard security evaluation

Annual SOC 2 Type II audit conducted by a reputable third party

This audit will validate the processes and policies of Inyore’s Information Security Management Program (ISMP).

Vulnerability scanning and penetration

Weekly vulnerability scans by an independent third party, and annual external application penetration testing

All critical, high and medium findings are remediated appropriately.

AWS Accreditations

Inyore is a web-platform built on cloud and uses AWS infrastructure. AWS has been accredited under several programs including:

  • AICPA SOC
  • ISO27001
  • PCI Security Standards Council
  • C5 Standard (AWS)
  • IRAP
  • FedRAMP

Inyore keeps each organization data separately and uniquely provides them their de-identified data by tagging and their organization throughout the lifetime. Data stays encrypted while transmitting.

Backup and Disaster Recovery

We take a Backup of data on a daily bases in case of any environmental failure occur. All of the backups are encrypted and stored on GoogleDrives.