Security Incident Management
When incidents occur, we have a dedicated Security Incident team that provides the necessary co-ordination, management, feedback, and communication. They also have responsibility for assessing, responding to and learning from information security incidents to make sure that we minimize the risk of them recurring.
Redundancy
A method to increase reliability by allowing two or more units (e.g. network or hardware) to work in parallel with the same information, providing a reflection of each other. If one of them breaks down, the other one takes over.
Penetration test
A controlled way to identify security weaknesses in our systems by contracting professional testers to attack our systems and share their findings with the development teams. This helps our development and operations teams to strengthen our security.
Hashing
A cryptographic hash function is a mathematical algorithm that maps data of arbitrary size to a bit string of a fixed size (a hash function) which is designed to also be a one-way function, that is, a function which is infeasible to invert. The only way to recreate the input data from an ideal cryptographic hash function's output is to try a large number of possible inputs to see if they produce a match.
Salting
A method to prevent hacking by adding information before or after the hashed password. The primary function of salts is to defend against dictionary attacks versus a list of password hashes and against pre-computed rainbow table attacks.
Audit
The complete IT portfolio is reviewed at least once a year, by an external audit firm, where all minimum requirements for IT security are reviewed and evaluated in order to improve the overall IT security.