GDPR
GDPR is a EU regulation on data protection and privacy in the EU that also addresses transfer of that data outside of the EU.
We have helped organisations understand their requirements under GDPR, document those requirements and then implement software and controls to enforce them.
Security First Development
Our engineers understand that developing secure software is a primary requirement for our clients and for us as a business. They all receive training on common sources of errors in the technologies that we use.
Our QA process specifically includes a final code review undertaken by a principal engineer, whose job it is to find security issues.
Pen Testing
We make use of external security consultants who will "penetration test" our systems in order to verify, as an impartial party, the security of the software.
We recommend performing this testing on initial delivery of the software, during any large upgrades and then on a frequent ongoing basis.
ISO/IEC 27001
ISO/IEC 27001 specifies a management system that is intended to bring information security under management control and gives specific requirements.
At Abstract Leap, we have experience of enabling our clients to achieve certification and have operated systems inside an ISO27001 audited environment.
