Information security

Ensure information and data security with Pagero’s physical and cyber protective measures.

Contact us

Protecting customer information

The security of our customer data is of the greatest importance to Pagero. We ensure data security through the implementation of multiple industry-specific measures. Below are a few examples of the way we work.

Examples of protective measures

Information security program

Risk management

Supplier management

Access management

Secure communication

Physical security

Information security program

Pagero has implemented an information security management system (ISMS) and privacy management system (PIMS), including a range of applicable policies, instructions and routines that govern how we work with security and privacy.

Risk management

Identifying, assessing and managing risks are a key component of a robust information security program. Pagero has implemented a process which includes both information security, data protection/privacy and supplier risk.

Supplier management

Ensuring customer data's confidentiality, integrity, and availability in our supply chain is an essential part of our information security framework. Our supplier management process is designed to ensure that the Pagero standards are upheld throughout the chain and is tested and verified by external auditors.

Access management

Access management single sign-on using multi-factor authentication (MFA) is mandatory for all Pagero's support staff accessing Pagero's cloud services, and we promote MFA as authentication method for customer users for increased security.

Secure communication

Pagero’s platform supports secure communication protocols to ensure that transferred information cannot be accessed by unauthorised personnel or third parties.

Physical security

Our data centres are protected according to industry standards with burglar alarms, fire protection, power & internet redundancy and shelter against natural disasters. All centres are monitored 24/7 and only authorised staff have access to the buildings in accordance with our access policies and procedures.

carousel-image-0
carousel-image-1
carousel-image-2
carousel-image-3
carousel-image-4
carousel-image-5

Information security program

Pagero has implemented an information security management system (ISMS) and privacy management system (PIMS), including a range of applicable policies, instructions and routines that govern how we work with security and privacy.

Secure Development: Privacy and Security by Design

For Pagero, security and privacy are more than just buzzwords - they are essential to any successful software development project. Every product is designed and developed with privacy by design and security by design in mind at every stage of the process.

  • Privacy by design is an approach to systems engineering which takes privacy into account throughout the whole engineering process.
  • Security by design is an approach to software development that seeks to make systems as free of vulnerabilities as possible through measures such as continuous testing, authentication, and adherence to best programming practices.

Certifications and audits

ISO 27001 and 27701 certifications

Pagero's cloud services are ISO 27001 certified and Pagero Online is also 27701 certified, which proves the high standard of Pagero's information security and data privacy practices. For these certifications, external certified auditors conduct a rigorous third-party audit of our management system covering information security, cyber security and data protection.

ISAE 3000 SOC2 and ISAE 3402 SOC1

To support business objectives and demonstrate compliance, we implement and maintain a reliable IT control environment according to ISAE 3000 SOC2 TYPE1/TYPE2 and ISAE 3402 SOC1 TYPE1/TYPE2 report standards. Independent auditors perform yearly reviews and issue reports that evaluate our trust service principles and criteria according to the report standards.

Vulnerability and threat management

Pagero works closely with Outpost24, a vulnerability and threat management company that provides best-in-class solutions and help companies to identify and mitigate weaknesses in the network. Outpost24 performs regular penetration tests, vulnerability scanning and real-time threat management that facilitate instant recognition of imminent threats.

Cyber Essentials

Since October 2014, participation in the Cyber Essentials scheme has been mandatory for suppliers of UK Government contracts which involve the handling of personal information and provision of ICT (information and communications technology) products and services. Pagero was certified in 2016 and we are entitled to use the Cyber Essentials badge to certify compliance.

Want to know more?

Contact us with your information security queries.
  • Ensure information security

  • Put your data in trusted hands

  • Communicate safely with all your business partners

Get in touch with us