BACK

What security certifications does Comply have?

Cloud services from AWS

We use a world-leading cloud that follows global security policies.

Our security is underpinned by AWS (Amazon web Service)

User security on Comply’s platform is guaranteed by:

Secure transmission channels (HTTPS)
Encryption of data sent by the user to Comply
Two-factor authentication, which requires users to confirm their identity in two separate and distinct forms

Peppol access point

Comply is an accredited Peppol Service Provider for document exchange, guaranteeing its security for this type of document exchange.

The aim of the Peppol framework is to bring public administrations and enterprises closer together, digitalizing the procedures for preparing and awarding tenders in the pre-award phase, as well as the execution and fulfillment of the tender contract (post-award phase).

By leveraging Comply, you can achieve end-to-end integration berween your corporate information system and the OpenPeppol network, for all post-award tender processes.

OFTP2

OFTP2 (Odette File Transfer Protocol) is the communication protocol created for EDI (Electronic Data Interchange) applications within complex systems and organizations, where security and traceability are essential.

Compared to other protocols, it is characterized by:

its transmission speed
native handling of return receipts
two-tier message routing

AS2

The AS2 protocol is widely used around the world in healthcare, retail and e-commerce.

This standard governs the signing and encryption of messages exchanged over an HTTPS (hypertext transfer protocol secure) connection, and handles signed return receipts.

Comply uses software components certified by the AS2 Drummond Group, the global leader in AS2 software Interoperability Testing.

ISO Certifications

Comply exclusively uses certified data centers to manage the services of:

Cloud Computing and Cloud Storage
High Availability and Disaster Recovery
e-mail
domains and Internet sites
IT security

Specifically, the certifications involved are:

ISO 9001, which validates quality management systems, i.e. the ability to consistently provide products and services corresponding to specific quality requirements
ISO 14001 that governs the design and implementation of efficient environmental management systems to help companies reduce their environmental footprint
ISO 27000 which stipulates the requirements for an effective information security management system to limit information risks also including privacy, confidentiality and cybersecurity.

Security

How secure is Comply?

How does Comply secure my account access?

Who has access to our account info?

How often does Comply back up my data?

Who can use Comply and how and when can they use it?