How secure is your data with us?
The esg2go platform was originally developed for medical registers, the sector with probably the most sensitive data of all. Data security and protection are therefore of central importance to us.
Before you read on: Now it’s getting pretty technical. If you have any questions, please contact us and we will be happy to explain all the details and our standards to you personally.
Who owns your data?
Stupid question, it’s also rhetorical: only you. You decide what happens to your data and who has access to it. That is very important. While with other ratings you relinquish control over the use of your data when you enter it, with us you always have control and an overview.
In the area of data protection, we work closely with official bodies and have had our data protection documentation drawn up by a renowned lawyer from a Big 5 law firm. In Germany, we are represented in the exclusive TMF tool pool.
Where do we store your data?
Our servers are located in ISO-certified Tier 4 high-security data centers in Switzerland. With redundant RAID hard disks and duplex servers that mirror each other, we are protected against data loss.
In addition, we create continuous backups of the data and data history – both on the mirrored servers and at an additional external location.
In the event of a physical failure and data loss, we can restore the system at any time and at any point in time.
How secure is your data during transmission?
We work with separated databases, SSL-encrypted transmission, IP blocking, cryptographically secured or company-specific encrypted master data and two-factor authentication. More security is almost impossible.
We also track all movements in the system. This means we can check who entered or requested what and when at any time.
Now it’s getting really Swiss: our certificates.
The esg2go underlying system “AQC” is ISO-certified according to the standard for quality management systems ISO 9001:2015 (since 09/2006, SGS certificate CH06/0722). The organizational processes are standardized, double-checked and transparently documented. Critical incidents are prepared for and the continuous improvement process is implemented.
We also test ourselves regularly.
And not just in terms of sustainability, but also in terms of security. We test the worst-case scenario in security audits. We have all systems extensively checked by external security experts. The servers are secured against unauthorized access and malware using the latest technology. They are continuously tested for vulnerabilities (penetration test) and withstand attempted attacks. This has been confirmed by the security reports. Additionally, all programs undergo a code review to determine any possible weak points.