Designing & Operating White Label Platform dedicated to the Insurance Industry
  • News
  • Security
  • Contact Us
  • feedback
TRM - PDPC - LIA - MAS
​COMPLIANT
Picture
Picture
Picture
Picture
Our platform uses the best of open source solutions to serve our customers
INFRASTRUCTURE 
Our IT architecture has been designed to follow the highest security protocol and standards of the market. 
​
Picture
PLATFORM SECURITY
​
We are integrated with a certified IT Cyber Risk Platform that monitors continuously and gives a “MCE Rating” to confirm the level of security. MYCYBEREYES alerts for every application vulnerabilities, data leakage and lack of conformity. They are fixed within 8h00.


Picture
OWASP
​

Our software is built to systematically consider the OWASP top 10 vulnerabilities. By following these principles, our portal and mobile apps are secured and together with continuous Penetration Testing, it dramatically reduces the risk of a successful cyber attack.
HOSTING
Our servers are hosted on Microsoft Azure, the leading Infrastructure Provider in the world.
Picture
​SSL ENCRYPTION
​

​All traffic to and from our servers are protected by SSL. 
SSL (Secure Sockets Layer) is the standard security technology for establishing an encrypted link between a web server and a browser.
Picture
​​MTSC Certified
​

Microsoft Azure is Singapore Multi-Tier Cloud Security Standard (MTCS SS 584) Level-3 (CSP) certified together with other global certifications such as the ISO 27001 (Security Management Controls) and ISO 27018  (Personal Data Protection)
In-House Security Protocol
My-insurer has designed and follows the strictest set of security mandates and governance to remain in full compliance with the regulatory requirements and guidelines of the governing bodies where it operates.
Picture
Data Access & Password Authentication

Data access is governed by strict role-based access controls which is reviewed and audited by independent bodies regularly.
Private/Public keys with password protection are required to access to our servers.


Picture
Independent Pen test
​

My-Insurer performs at least once a year a Pen Test with a Third Party that is mandated to evaluate the overall robustness, scalability and resilience of the platform. It includes but not exhaustive: SQL Flaws, XSS, Malicious File Execution, CSRF, Cryptographic Storage, URL Access.
Picture
Governance, Training & Authorisation

All employees are mandated to attend regular Data Protection and Cyber Security training to ensure security awareness and knowledge of latest security threats.
All employees pledged and signed a set of governance policies adhering to the strictest data security and IP confidentiality compliance.
Vulnerability Assesments

​Regular Penetration testings & Vulnerability Assessments with VERACODE & 
Crashtest Security
Veracode helps companies get accurate and reliable results to focus their efforts on fixing, not just finding, potential vulnerabilities.
Veracode owns the software security technology: Crashtest Security.
Crashtest Security is a developer-oriented dynamic application security testing (DAST) tool. 
Picture


​Last Penetration Testing and Vulnerability Assessment: June, 2024
Picture
Findings:
Critical: 0

These findings are very critical whilst posing an immediate threat. Fixing these issues should be the highest priority, regardless of any other issues. 
High: 0 
Findings in this category pose an immediate threat and should be fixed immediately. 
Medium: 0
Medium findings may cause serious harm in combination with other security vulnerabilites. These findings should be considered during project planning and be fixed within short time.
Low: 0 
Low severity findings do not impose an immediate threat. Such findings should be reviewed for their specific impact on the appli- cation and be fixed accordingly. 

FULL REPORT IS AVAILABLE ON DEMAND


DPTM Certification Number:  DPTM-00033-202008202008
Cyber Essentials Certification Number:  CEM-2023-012
Terms & Conditions

Picture
  • News
  • Security
  • Contact Us
  • feedback