Designed for security
Data security and privacy are our foremost consideration. Security controls have been deployed in alignment with best security practices. With Covantis, you can trust that your information will be protected around the clock.
ConsenSys, a market-leading blockchain technology company, has been chosen as Covantis main technological partner to develop and secure the Covantis platform. ConsenSys is building Ethereum blockchain infrastructure and applications for new economic systems that are more open, efficient, and secure.
Covantis has selected Microsoft as a cloud service provider. Microsoft Azure is a highly trusted and reliable solution compliant with the most demanding security standards such as SOC, ISO, PCI DSS, and HIPAA standards.
Covantis replicates the platform data and resources across 3 data centers and 2 Microsoft regions to ensure the resilience and security of our solution. Microsoft provides multi-layered security across all its data centers and operates a team of more than 3,500 global cybersecurity experts that work together to help safeguard its clients’ business assets and data in Azure.
Cognizant, one of the world’s leading digital services providers has been partnering with Covantis to deliver a human centric design approach for the platform.
Data confidentiality and privacy
Covantis access controls ensure that platform participant users can only access information related to their data and the interactions with other platform participants. Additionally, all user accounts are protected with two factor authentication.
With the use of standard and reliable encryption algorithms, the platform ensures the confidentiality of transactional data as well as the non-repudiation of messages, nominations and digital signatures. Each platform participant uses a pair of cryptographic keys that unequivocally identifies them and every action that is performed in the system.
The platform and Covantis employees operate under Covantis Personal Data Protection Policy, that provides a framework of Personal Data protection rules and principles to guide specific notices, policies and procedures intended to achieve global compliance.
Secure development and deployment
Covantis has implemented multiple secure software development practices in its development lifecycle:
Data segregation is considered as a key requirement.
All code developed must pass very strict quality and security tests.
The Platform Infrastructure and software packages used are continuously scanned for known vulnerabilities.
Our cloud provider is continuously assessing the security posture of our platform and reports on compliance with our security standards.
Covantis collects and reviews audit and activity logs from every component of the platform.
Additionally, penetration tests are performed at least annually and upon any major change or before a major release of the platform. They are performed by internal and external teams regularly, all identified vulnerabilities are prioritized and addressed.