The General Data Protection Regulation, GDPR for short, will come into effect on May 25th, 2018. There has been a lot of time to prepare your organization, and many organizations have already made sure their data policies are now compliant.
However, the GDPR also involves your suppliers, and as part of the regulation, companies are required to make sure their suppliers are GDPR compliant as well. Triggre has made sure that it meets all the requirements concerning the GDPR for its customers, so you don’t have to worry about it.
One major point is making sure that no unauthorized access is granted to personal data of customers. Triggre has been tested on multiple occasions and has always passed all independent penetration tests with flying colors. But it doesn’t stop there. The fact that an application is secure today doesn’t mean that a vulnerability can’t be found in it tomorrow.
That’s why we periodically perform these independent penetration tests. Also, we update our platform, and with it our customers’ applications, approximately monthly. These updates always include the latest implementations of security guidelines so our customers can rest assured that their data is safe from hackers, without any effort on their side.
Apart from unauthorized access by external parties, we also make sure that internally only a very select number of people have access to our production servers. The only people who have such access are in charge of making sure our servers are running correctly.
Our development team, for example, has no access to our production data. This means that we can’t even use production data for our internal test procedures if we wanted to, because we simply don’t give access. By using Triggre, your data is kept extremely safe.
Of course, we also have our own suppliers. Because our customers’ data is so important to us, we don’t take any chances with this. That’s why we decided to only host Triggre with Microsoft Azure.
Microsoft upholds very strict procedures regarding physical server access (something even we don’t have ourselves) to make sure that no unauthorized access can be obtained to their servers. Microsoft Azure, as our only supplier that is relevant to our GDPR compliance, is itself fully compliant with the GDPR legislation.
GDPR compliance process
Triggre takes pride in its efforts to keep customer data safe, which is of course a big part of our core business. GDPR compliance, however, isn’t a one-time thing. If you want to make sure that you are compliant, it is imperative that people develop a certain mindset.
Questions that need to be raised include ‘Do we really need this data?’ and ‘For how long do we really need this data?’. This mindset has been a part of our company for as long as we’ve existed. For many other companies, however, it isn’t, simply because it never was a problem.
That is why we always help our customers decide on these things with a quick GDPR compliance scan for their applications. That way, you are certain that you’ve done everything you need to for your GDPR compliance.