Secunia Data Security

Secunia Data Security
Secunia is located in Denmark in northern Europe, a very stable region of the world. Denmark is a full member of the EU, and a founding member of the NATO and the OECD. All of the above provide the stability and foundation for Secunia as one of the strongest
players in the global security market.
The security and integrity of Secunia’s network is crucial for Secunia and its customers. The internal security policy at Secunia describes strict
guidelines for handling customer data and other sensitive information.
Data
All data transferred to the Customer Area (including data from the Secunia Corporate Software Inspector) is sent via
industry standard SSL-encrypted HTTPS connections.
The data sent to Secunia is non-personal data only. The data is generic, standardised, and originates from installed programs
and operating system on the devices, never from their configuration.
Following is a sample data that is sent to Secunia:
c:\CD1\SETUP.EXE - PE Timestamp : 0x45d6922f
- Version : 5.2.3790.3959
- VendorName : Microsoft Corporation
- FileDescription : Welcome to Windows Server 2003
- FileVersion : 5.2.3790.3959 (srv03_sp2_rtm.070216-1710)
- InternalName : autorun
- LegalCopyright : Microsoft Corporation. All rights reserved.
- Filename : AUTORUN.EXE
- ProductName : Microsoft Windows Operating System
- ProductVersion : 5.2.3790.3959
All passwords for the Customer Area are hashed.
Customers can securely change their passwords via SSL to ensure that the passwords are confidential. Minimum length for
the password is 8 characters.
Secunia will never ask for your password. Lost passwords can only be reset after contacting your account manager at Secunia.
No details are shared with any third party.
The information is stored for as long as the account is active.
Customers can delete host data if they wish, and it will be immediately removed from the active database. The data will only
be present in backup archives for approximately 30 days.
Secunia follows best practices in regards to data separation and ACL-based security models.
All offline backups are encrypted.
secunia.com
Data Center
Secunia servers are hosted at two independent data centers, at separate physical locations.
The data centers have the following standards and compliance:
- ISO 27001 certified compliant (DC1)
- DS-484 compliant (DC2)
- PCI compliant (DC2)
- RS3411B audited by Grant Thornton (DC2)
DC1 = Data center One, DC2 = Data center Two.
All HQ systems are hosted in highly secure Lampertz racks.
Only selected IT-staff have physical and administrative access to the systems containing sensitive data.
All staff handling sensitive data must hold a clean criminal record.
Backup
Backups and off-site replication of crucial data are conducted in a manner allowing Secunia to rebuild the network, and restore essential
services in just a few hours in case of an emergency.
Recovery Plan
In case of total failure at one of the physical locations, the recovery plan allows Secunia to scale up and restore a fully running setup within
one business day.
Being the leading provider of Vulnerability
Intelligence, Secunia plays an important role in the
security eco-system, and is the preferred supplier
for many enterprises and government agencies
around the globe.
Vulnerabilities in programs represent the Achilles’
heel of any network or IT-system. Secunia’s
mission is to identify and eliminate the threat
from these vulnerabilities, by accurately tracking
software vulnerabilities and supply products to
our customers, and the community.
The quality and importance of Secunia in the security
eco-system is publicly recognised by customers,
partners, software vendors, industry peers, media, and
the community. Secunia has from year one exhibited
peerless financial and strategic performance, proving
the following by organic means:
Higher growth than market average since
inception – and organic
Continuous growth in staffing
Profitable all years
No bearing debt
Privately funded, no venture capital
Dun and Bradstreet AA rating
A very strong and credible brand provider.
Contact [email protected] for more information
secunia.com