SECURITY & COMPLIANCE
Iptor takes security very seriously. We understand that security extends beyond a secure application—it involves monitoring, improving, and remaining vigilant against risks both internal and external. Iptor follows best practices and industry standards to achieve compliance with industry-accepted general security and privacy frameworks, which in turn helps our customers meet their own compliance obligations. Here are just some of the measures we take to prevent data leaks and unauthorized data access:
SECURITY COMPLIANCE
Iptor Sweden AB
c/o Helio, Peter Myndes backe 16
118 46
, Stockholm, Sweden
and the sites as mentioned in the appendix accompanying this certificate
has been found to conform to the Information Security Management System standard: ISO-IEC_27001-ENG-C849443-0-20260205
ISO/IEC 27001:2022
Iptor takes full responsibility for our compliance posture and directly manages all relationships with our infrastructure partners and sub-processors. Through these globally managed relationships, our deployment environments maintain ISO 27001 (Information Security Management), ISO 9001 (Quality Management), and ISO 22301 (Business Continuity Management) certifications. Depending on your organization’s data load and hosting requirements, Iptor has the capability to ensure your data is hosted within environments covered by these specific compliance frameworks.
Iptor directly oversees the operational governance and compliance reporting of our infrastructure.
Standard industry audit reports—specifically SOC 1 and SOC 2—are actively maintained through our managed sub-processor relationships. Iptor is entirely responsible for these compliance reports and directly manages the relations with our sub-processors.
CLOUD SECURITY
Iptor services are delivered from high-capacity, redundant data centers, including facilities provided by Meridian—which covers the North & South Americas, Nordics, Europe, and APAC regions.
We ensure redundancy across our services, providing general redundancy capabilities to maintain continuous availability.
Our data center capabilities include high-speed connections for optimal performance.
All physical locations maintain cutting-edge physical security, including uninterrupted power supplies, 24/7 surveillance, and strict access controls where only authorized personnel have entry.
Iptor is performing regular review of all third-party vendors with access to any of Iptor subcontracted data centers. The result is used in Iptor risk treatment process to mitigate or avoid risks.
Protection
Iptor utilizes the most advanced Azure services to ensure state-of-the-art security for our network. Our infrastructure is protected by Azure Front Door, Microsoft’s modern, global cloud content delivery network (CDN) and Layer-7 load balancer. This architecture provides fast, reliable, and secure access to web applications and APIs by intercepting user traffic at edge locations and routing it over Microsoft’s private network backbone.
SOC & Incident Response
Iptor maintains a 24/7 actionable Security Operations Center (SOC) under Iptor’s control. The Iptor SOC function is staffed by a highly skilled team fully equipped to proactively monitor infrastructure and respond immediately to any cybersecurity alerts and activities. We maintain a 24/7 incident response team with advanced forensic capabilities to ensure rapid, expert resolution of security incidents, minimizing business disruption.
Redundancy
We ensure redundancy across our services, providing general redundancy capabilities to maintain continuous availability.
Our data center capabilities include high-speed connections for optimal performance.
Policies
Iptor have a comprehensive set of security policies. Policies are audited externally on regular times. All policies are made available to all Iptor employees.
Awareness Training
Iptor awareness training includes all employees and is a continues work. Iptor security team provides additional security awareness updates via Iptor internal information channels.
