SECURE HOSTING

A secure cloud

Software as a Service (SaaS)

The Preventeo platform has been developed in Software as a Service (SaaS) mode. It can be accessed remotely, via a simple web browser.

This has multiple advantages:

  • Simple and rapid deployment that avoids the need for the client to install software locally.

  • A scalable information architecture that can respond to changing client needs.

  • Automatic access to the latest version of the software.

  • Routine maintenance is carried out by Preventeo.

  • A highly responsive support team (implementation of security and application bugfixes in a timeframe defined in our SLA).

  • Access from a mobile terminal via a simple web browser connected to the network.

  • Clients can opt in to new features provided by Preventeo (Service mode).

Hosting

Consistent with the notion of the sovereign cloud, all of Preventeo’s IT infrastructure is hosted in two datacentres located in France.

These datacentres are managed by two French operators with the highest levels of certification (PCI-DSS, Tier IV), which reflects a very high level of security, availability, resilience and confidentiality.

The location of all Preventeo servers on French soil means that they are governed by French legislation regarding data protection and access (CNIL, the law of trust in the Digital Economy, etc.).

Preventeo guarantees its users a high degree of protection, integrity and traceability of data in compliance with French law and European regulations. No legislation external to the European Community can be applied to the data and data processing entrusted to Preventeo.

The Preventeo platform offers several hosting options:

  • As standard, shared hosting for immediate, flexible (can be extended depending on the number of users) deployment, with no extra costs as physical and technical resources are shared (multi-tenant architecture).

  • Dedicated deployment to meet the specific needs of an individual client is possible (single-tenant architecture).

  • Finally, Preventeo is able to help clients who would like to host the platform in-house (on-premises architecture). This hosting option will be subject to a detailed study if requested by the client.

Availability

The Preventeo platform is accessible 24/7 expect during periods of planned maintenance, which are announced in advance.

Availability is governed by a Service Level Agreement (SLA) appended to each licence.

Application security

Preventeo guarantees the security of its software platform and any hosted client data via the following technical and organisational measures:

  • Multi-annual intrusion audits based on OWASP Top 10 standards.

  • Vulnerability test campaigns carried out by an external, certified company.

  • Security audits when requested by our clients by a designated company working with Preventeo.

  • Business continuity and recovery plans based on Preventeo’s redundant IT architecture.

  • Antivirus checks of all data imported into the Preventeo platform.

  • Preparation for information system security certification ISO 27001:2014.

  • All software development and support is provided 100% by Preventeo staff based in France.

  • Databases can be encrypted.

  • Data confidentiality guaranteed from the beginning of software development.

  • Connection tracking and navigation to the platform.

  • Ability to connect to the Preventeo platform using a client authentification protocal (e.g. SSO).

  • Strong encryption of all communications.

  • One IP address authorised for each user and each session.

  • Protection against denial of service attacks and saturation.