Professional advisors conduct business in a secure environment. Dealsuite guarantees security in two ways:
- Users of Dealsuite are all professionals. They treat received propositions with integrity and information confidentially.
- High level of IT-security, technical and in the workflow.
The first point refers to the ‘Code of conduct’ and the ‘Terms and conditions’ of Dealsuite. Point two refers to the explanation of the IT-security of Dealsuite as stated below.
IT-security of Dealsuite.com
Dealsuite is designed and developed based on the highest level of IT-security standards. Security is guaranteed by technical aspects as well as specific aspects in the workflow; The process is designed by an AO/IC expert and GDPR compliant.
Dealsuite grants access only to professionals who work for a corporate finance or investment firm. When one of these users shares a proposition with other users, he or she can share it with all other users or make a selection of his/her choice. Our login system and extensive permission system is constantly monitored by a whole range of automatic tests to make sure nobody except the professionals that were selected have access to that proposition.
Propositions and other sensitive data on Dealsuite are not accessible or indexed by any kind of search engine or crawler such as Google.
By logging into Dealsuite, a user will automatically connect via a secure connection (SSL). All information is encrypted, therefore information is not visible to unauthorized individuals. The secure connection can be recognized by the padlock icon in the browser. In the address bar, the user will see: (Padlock) Secure https://www.dealsuite.com.
Our main servers are located in a Tier-3 server park in Amsterdam (The Netherlands), all with uninterruptible power supplies, located in close proximity to the Amsterdam Internet Exchange. All data is also securely stored in a second, separate location in the Netherlands (also Tier-3). Both locations are synced and additionally backed up every 4 hours. This ensures that the data is safe and always available.
Public access to Dealsuite servers is only possible over port 80 and 443 and login is only possible for users with credentials. All services with private information like databases and caching engines are secured by the Dealsuite VPC or Virtual Private Cloud. This means the only way to access these services is by being physically located at a Dealsuite office and having an RSA 2048 bit key, secured by 2 layers of strong passwords. Only our developers have such a key and they have all signed a Non-Disclosure-Agreement with a penalty clause. Possible threats do not even have the option to connect with our system.
Our front-end and back-end services are completely separated. This ensures that no logical code, if abused, ends up in the front-end for users to see. Every piece of logic and data is secure inside our Virtual Private Cloud and what the user sees is just the layout and the end-user data.
Every year big security leaks are found worldwide in popular pieces of software. Because of this, we make sure we consider to use all the best practises available for our code and we follow security trends extensively. One of our developers is specifically appointed with that task. When a security fault is found in one of our services, we will patch it as soon as possible. Until today no security issue has been reported to us or found by us.