It has been a year since we successfully obtained the ISO 27001 certificate . After the first audit, we set new tasks in data security, which we worked on continuously. Especially in the last two months, we have checked, tested and tuned everything again. The results came, not only because we passed the audit, but also in Evolio itself.

A shift in several areas of cyber security

Cyber security affects several areas. It is not only about software security (the result of the penetration test can be found below), but also the correct handling of data backups, the use of two-factor security, auditing and documentation in case of data loss. There have been shifts in all these areas at AVE Soft. The audit was an opportunity to verify that the set rules work and that everything is kept in working order.

Cyber security must be approached with humility, it is never possible to rest on your laurels. Therefore, in addition to organizational improvements, we have prepared a new chassis for Evolio – a completely redesigned layer that takes care of data access . In version 2022.1, it will replace the original solution, which has already been burdened by a number of changes in the last three years. The new layer is not only more powerful, but is ready to incorporate some new security features, such as Row Level Security.

We simulated an attack on the Evolio database

An independent security penetration test conducted by Versa Systems took place during March. Its basic goal, using the method of a simulated hacker attack, was to verify the level of system security and the resilience of Evolio’s information and communication technologies to real cyber threats. We obtained a detailed analysis of the system with a focus on possible security vulnerabilities.