Security as a Service

Qomben was built with the latest security protocols in mind for your company to be safe at all times.

Qomben's Security

  • 1

    Data Centers

    Qomben serves as an integrated service that could execute within cloud services, company's premises, or using both public (global) and private (local) clouds.

    With more regions than any other provider, Qomben can be implemented on Microsoft Azure (with Google Cloud on the way). The Microsoft Azure Cloud offers data center services all around the world and is always close to the customer (or its preferred region) thanks to its presence in 140 countries.

    Data Center Nasa
  • 2

    Data Security

    Qomben’s security mechanism will never be malfunctioning and jeopardizing the security of the entire environment. Filtering routers, firewalls, cryptographic message protection, patch management for software security, network segmentation, and monitoring are essential elements of the architecture design. That is why Microsoft Azure continues to be a real pioneer in cloud data security and Qomben's first choice of services. Azure was the first cloud provider to be acknowledged by the European Union's data protection authorities for its dedication to strict compliance with privacy legislation. Qomben was conceived with Data Security as one of its pillars of its architecture.

    Data Security Window
  • 3

    Data Privacy

    To secure personal data, Qomben has put in place organizational and technical measures. Qomben has been built with data security and confidentiality in mind due to the sensitive nature of compensation data, making sure that privacy protection measures are integrated into all stages of development. For instances:

    - C-level executives access control and features

    - An audit trail that allows the tracking of every action.

    - And all data, whether in transit or not, is encrypted

    Data Privacy iPhone

Qomben includes the SOC 2 type 2 validation

The System and Organization Controls (SOC) for Service Organizations are internal control reports created by the American Institute of Certified Public Accountants ( AICPA). They are intended to examine the services provided by a service organization so that end users can assess and address the risks associated with an outsourced service. 

Certification Standards SSAE 18
Shield (1)

Clarification and Recodification, which includes Section 105 AT-C: Concepts Common to All Attestation Engagements and Section 205 AT-C, Examination Engagements (AICPA, Professional Standards).

SOC 2 Report on a review of controls

Report on a review of controls within a service organization regarding security, availability, processing integrity, confidentiality or privacy (AICPA Guide).

Trust Services Criteria

Trust Services Criteria for Security, Availability, Processing Integrity, Confidentiality, and Privacy (AICPA, 2017 Trust Services Criteria) from the Section 100 TSP, 2017.