AI data analyst
GDPR monitorServer-side tracker
Pricing
About Us
Webinars
Agents
AI data analyst
Tools
GDPR monitorServer-side tracker
Pricing
About Us
Webinars

Server-Side Hosting Security Policy

1. Introduction

This Security Policy outlines the measures and protocols implemented by Cogny.com to ensure the security and protection of data sent to our server-side infrastructure. It is designed to establish a comprehensive framework for safeguarding sensitive information and maintaining the integrity of our systems.

2. Access Control

2.1 Authentication:

Access to server resources is restricted to authorized personnel only.
Multi-factor authentication is enforced for all privileged accounts.

2.2 Authorization:

Role-based access controls are in place to limit access to specific resources based on job responsibilities. Access permissions are reviewed and updated regularly.

3. Physical Security

3.1 Data Center Security:

Server facilities are equipped with robust physical security measures, including access controls, CCTV surveillance, and intrusion detection systems.
Access to data centers is restricted to authorized personnel and closely monitored. Link to Hetzners Security Brochure.

3.2 Redundancy and Disaster Recovery:

Redundant power supplies, cooling systems, and network connections are maintained to ensure uninterrupted service.
Regular data backups are performed, and disaster recovery plans are tested periodically.

4. Network Security

4.1 Firewalls and Intrusion Detection:

Firewalls are configured to filter incoming and outgoing traffic, and intrusion detection systems monitor for suspicious activity.
Network traffic is regularly analyzed for anomalies and potential security breaches.

4.2 Encryption:

Data in transit is encrypted using industry-standard protocols (TLS/SSL) to prevent unauthorized interception or tampering.

5. Software Security

5.1 Patch Management:

Critical security patches and updates are applied promptly to mitigate known vulnerabilities.

5.2 Application Security:

Secure coding practices are followed to prevent common application-level vulnerabilities.
Regular security assessments, including penetration testing, are conducted to identify and address potential weaknesses.

6. Data Security

6.1 Data Classification:

Data is classified based on sensitivity, and appropriate security controls are applied accordingly.

6.2 Access Monitoring:

Access logs are generated and monitored for unusual or unauthorized activities.

7. Incident Response and Monitoring

7.1 Incident Response Plan:

A comprehensive incident response plan is in place to guide the identification, containment, eradication, recovery, and lessons learned from security incidents.

7.2 Security Monitoring:

Real-time monitoring systems are employed to detect and respond to security events promptly.

8. Vendor Management

8.1 Third-Party Security:

Vendors and subcontractors are selected based on their commitment to security best practices, and their compliance is monitored regularly.

8.2 Vendor Certification:

Hetzner Certification
Certified in accordance with DIN ISO/IEC 27001, Internationally recognized standard for information security, Certification for all of Hetzner data center parks and entire infrastructure. Read more

9. Employee Training and Awareness

9.1 Security Training:

All employees receive regular security awareness training to stay informed about current threats and best practices.

9.2 Reporting Security Incidents:

Employees are encouraged to report any suspicious activities or potential security incidents promptly.

10. Compliance and Audit

10.1 Regulatory Compliance:

We maintain compliance with applicable data protection and privacy regulations.

10.2 Regular Audits:

Security controls and procedures are audited regularly to ensure ongoing effectiveness.

This Security Policy is a living document and will be updated as necessary to reflect changes in technology and security practices. It serves as a foundation for maintaining the confidentiality, integrity, and availability of hosted data on Cogny.com servers.

Contact Information

If you have any questions or concerns about this Security Policy, please contact us at contact [at] cogny.com or at our registered address: Cogny AB, Peter Myndes Backe 16, 118 46 Stockholm.