When buying software, make sure that the vendor has a universally recognized certification.
THRON has always been at the forefront of data protection, and has set up an Information Security Management System (ISMS) for organizational, technical and procedural processes in accordance with this standard.
We are committed to ensure the highest level of security day after day, protecting both our customers' assets and our own.
In the cloud environment as well, the company has a secure, high-quality Personal Identification Information (PII) management system.
THRON was born in the cloud, so it was crucial for us to extend the security standards we had already achieved with ISO 27001 to this environment too.
THRON follows the best practices of the OWASP (Open Web Application Security Project) for developing software securely.
We manage our servers in an infrastructure-as-code approach, i.e. automating as much as possible and avoiding manual interventions, in order to reduce the incidence of errors to a minimum.
The Amazon Web Services data centers used by THRON are placed in secure locations that are not made public.
In addition, the information is redundant: the data is stored in several, physically separated, data centers.
AWS is also 27001 certified.
We apply Amazon security best practices to manage server access: we have passed AWS Technical Audit, which certifies that we correctly implement these guidelines.
In compliance with the directives of the CIS (Center for Internet Security), we have set up monitoring that automatically detects and reports any security vulnerabilities.
The software and the information it contains is protected by access control, with a customizable password policy.
THRON uses the https encrypted protocol, i.e. the data passing through THRON cannot be stolen and misused by third parties.
All data stored on THRON is also encrypted.
THRON is shielded from DDOS (Distributed Denial of Service) attacks, which could affect the availability of services for our customers, by AKAMAI, which monitors global traffic and blocks any anomalous flows that may run towards THRON.
This protection is added to the protection already provided by firewalls.
Access to THRON files is secure and can only occur through a specific sharing. Only users with full access rights to a file can share it, and decide whether to make it downloadable.
All single sharing action is listed and can be revoked at any time, while the System Audit records all actions performed within the platform.
The average availability of THRON services is 99.9%. We use an autoscaling container technology: our distributed architecture can allocate, or shut down, parts of the infrastructure as needed. In addition, the automatic recovery procedures guarantee shorter response times than any manual intervention.
Data is replicated in 3 different AWS data centers, which ensures 99.999999999% persistence.
In addition to replicating data in three data centers, we back up this information in three more data centers, located in a different country. This means that the information will remain intact even in the case of catastrophic events.
Our priority is always the security of our clients and their data. For this reason, we employ advanced monitoring, detection and response systems (XDR – Extended Detection and Response) with the aim of providing the maximum protection against potential cyber-attacks.