We take security seriously. Here’s exactly how.

We protect login credentials from the ground up. Hashing, encryption, and four-eyes controls aren't add-ons — they're part of the baseline.

• Passwords hashed using Argon2id or bcrypt, with individual salts per user; no plain-text storage; hashing parameters reviewed and updated regularly
• Application secrets and tokens encrypted at rest (AES-256) with strict key management, rotation, and access controls; short-lived tokens preferred, with revocation on logout or risk events
• Administrative access governed by commit-signed changes, protected branches, and four-eyes approval for sensitive credential workflows

We design for high availability with active redundancy, fast failover, and transparent status communication. Our public status dashboard gives you visibility at all times.

• Redundant design with automatic failover for critical services
• Availability target: up to 99.99%Critical service paths are designed to minimise single points of failure
• Automatic failover target: under 30 seconds for selected components
• Public status dashboard: securesafe.site24x7statusiq.com

Protection runs continuously at both network and application level, with 24/7 monitoring and defined response procedures. We don't rely on a single mitigation point.

• Multi-layered protection at network (L3/L4) and application (L7) level, with upstream scrubbing
• Automatic traffic analysis and filtering integrated via the application firewall and load balancer
• Multi-terabit provider capacity with no single point of mitigation
• 24/7 monitoring and on-call incident response

Access is governed by least-privilege principles, with controls that adapt to context and sensitivity level.

• Role-based access control (RBAC) with minimum necessary rights
• Time-based and inactivity-triggered session rules
• Delegated administration for key accounts
• Step-up / MFA enforced for sensitive operations, policy-controlled

We design for continuous operation and validate it through synthetic monitoring, automatic failover, and practiced DR scenarios. Recovery objectives aren't aspirational – they're tested.

• Priorities and scope: protecting people first, clear decision authority, essential services restored within defined timeframes
• Monitoring and detection: Zabbix (internal) and Site24x7 (external) with end-to-end synthetics; automatic failover via load balancer and application firewall; database failover managed for consistency
• Recovery targets by scenario:
  
  • Data centre failure: RTO ≈ 2 hours + detection time (DNS switch to secondary site or rebuild); RPO: point-in-time recovery within the last 10 days (database WAL), weekly snapshots for 3 months, monthly snapshots for 1 year; file layer with mirrored copies and delayed deletion in DR to enable recovery of accidental deletions
  • Critical component failure: RTO ≈ 30 minutes + detection time (load balancer to hot standby); RPO: 0 hours
  • Human error / data loss: RTO ≈ 2 hours + detection time (restore from backup); RPO: up to 0 hours if detected within the backup/storage window
• Testing and exercises:
  
  • Full backup-restore tests approximately every 1–2 months as part of release cycles
  • At least annual DR exercises
  • Periodic production switchovers for major upgrades
  • DNS failover process exercises conducted periodically
• Architecture: Multi-site active/active application clusters, hot standby database replication, configuration and transaction mirroring, backup and write mirroring to DR.

Audit trails are integrity-protected and built for real use, not just compliance. Enterprise customers can integrate directly with their existing SIEM environment.

• Integrity-protected, append-only audit logs
• Real-time monitoring and alerting on critical incidents
• Long-term retention aligned with regulatory requirements
• SIEM export and integrations available for enterprise customers

Backups run automatically, replicate across geographically distributed locations within Switzerland, and are tested regularly, because recoverability is only proven when you actually restore.

• Automated, frequent backups with geographically distributed replicas, all within Switzerland
• Integrity protection through immutability controls and restrictive access
• Regular restore tests with documented validation of recovery procedures

Authentication adapts to risk level, supports enterprise SSO standards, and can be enforced by policy at the organisation level.

• MFA available by default; company policies can enforce MFA for specific users or roles
• SSO for organisations via SAML 2.0 / OpenID Connect
• Compatible with device biometrics (Face ID, Touch ID) as a second factor
• Risk-based step-up authentication for sensitive operations (when activated)

Encryption is applied consistently across storage and transmission, using current standards with active key lifecycle management.

• Server-side encryption for content (zero-knowledge architecture)
• AES-256 for stored data and encrypted content
• TLS 1.3 with Perfect Forward Secrecy for all network traffic
• Managed key lifecycle: generation, rotation, and revocation
• Regular cryptographic reviews updated in line with current best practice

We commission independent security experts to test our systems on a regular basis. Results are tracked through to remediation, and executive summaries are available to enterprise clients under NDA.

• Regular third-party penetration tests
• Realistic attack scenario simulations
• Remediation prioritised by criticality
• Transparent communication of critical findings
• Executive summaries available for enterprise clients under NDA

We use server-side encryption with industry-standard algorithms and strict key management. Decryption occurs only within a secure, monitored service environment and only through authorised application processes.This architecture makes certain critical features possible (digital estate management, enterprise functionality, cross-device compatibility) without weakening the underlying security model.

• Server-side encryption with controlled, audited internal decryption
• HSM-backed key management where applicable; just-in-time key access with rapid memory clearing
• No universal master key; no undocumented access paths
• Defense-in-depth with regular independent audits and an ISO/IEC 27001:2022-certified ISMS
• Controls protect against both internal and external threat vectors

Security isn't something we add to a product after the fact. Every component has been built to a security-first principle, with defence-in-depth applied across the stack.

• Defence-in-depth strategy with multiple independent security layers
• Automatic security updates without service interruption
• Redundant systems designed for maximum reliability
• Geographically distributed backup locations across Switzerland, including a former military facility deep in the Alps

We invest in security awareness across the entire organisation. Training is role-specific and continuous – not a once-a-year exercise.

• At minimum annual security awareness training, with ongoing refreshers
• Role-specific security training tailored to function and risk exposure
• Support for team members pursuing professional security certifications

Our governance framework is structured to ISO/IEC 27001:2022 and covers everything from incident response to data classification. Policies are reviewed on a risk-based cycle, not just when something changes.

• ISMS policy framework aligned with ISO/IEC 27001:2022
• Regular, risk-based review and update cycles
• Documented and regularly exercised incident response procedures
• Binding standards for data classification and handling

We've built confidentiality into how we work, not just into the contracts we sign. Access to sensitive information is controlled at the structural level.

• Mandatory NDAs for all employees and partners
• Strict need-to-know access controls
• Encrypted channels for confidential communications
• Regular confidentiality audits