At Curmis we take Information Security very seriously. In an ever changing security landscape we work hard to keep up to date with, and implement, current best practices in security.
Connections to Curmis Application
The Curmis application runs on a dedicated web server which is behind a firewall. We have firewall rules in place which only allow users from authorised locations to reach the Curmis logon page. We require that all Curmis users have a static public ip address. If an ip address has not been verified by Curmis the user will not be able to log in.
All data between a user’s web browser and the Curmis application is encrypted using the https protocol. Our business and application has been verified by Geotrust, proving that our site is secure and trustworthy.
We hire independent Penetration Testers (Ethical Hackers) to test our code and our servers. Curmis is tested in line with the OWASP Top 10 (Open Web Application Security Project).
User data entered on Curmis is encrypted and backed up to an external secure server.
If you require further information about our security practices please email firstname.lastname@example.org