Industry-leading data security
Enterprise-level security infrastructure
We prioritise security governance, risk management and compliance to ensure the utmost protection for our customers. Our defence mechanisms encompass encryption of data both in transit and at rest, advanced network security measures as well as server hardening methods, plus meticulous system monitoring with logging & alerting capabilities.
Enduring Architecture – engineered to withstand the test of time.
Pamtree is designed to be resilient and adaptive against any disruption, with redundant infrastructure, processes and automated incident response systems that can handle anything.
Agile Authentication – Unlock the potential of your data and resources with robust authentication
Our enterprise-grade security features offer multiple authentication methods, including OpenID with OAUTH2 and Corporate SSO for modern systems or legacy system protocols.
Unleash the Power of Enterprise-Wide Scalability
Our centralized platform is designed to thrive and expand from a hundred consultants up to hundreds of thousands, enabling us to deliver high volumes of customer orders around the world.
Platform Architecture
Pamtree is designed with the utmost security standards in mind, guaranteeing data will remain secluded and untouched. Even better, these safety updates are updated swiftly for customers so there’s no need to intervene or pause any activities. Rest assured that your information is secure on Pamtree!
- Pamtree cloud – By utilizing both active and redundant systems that are running simultaneously, world-class architecture is created. This allows the system to remain operational during outages while also providing a level of increased reliability.
- Platform Security – Pamtree operations integrate a holistic security approach, which covers all aspects, from hardware and infrastructure to systems, applications, transmission and storage.
- Robust API – Pamtree’s flexible, secure and powerful API allows for easy integration with any of your current or future back-office systems.
Security best practices
- Pamtree utilizes Amazon Web Services (AWS) for our hosting and production environments, providing customers with a secure and dependable infrastructure. AWS centers are monitored around-the-clock by security personnel through biometric scanning, video surveillance, and other state of the art methods to ensure complete safety – certified under SOC regulations.
- By creating a clear distinction between the machines that are storing sensitive data and those running user-facing applications, businesses can ensure maximum security.
- Pamtree and the client have established stringent restrictions on access to each data component.
- Our product includes a state-of-the-art audit system that logs every transaction, ensuring accuracy and reliability.
Technical Architecture
How does Pamtree connect and integrate with your environment?
Data Privacy
Data ownership – You possess absolute control over your data. We ensure that only approved personnel can access customer information.
Data usage – We exclusively utilize customer and consultant data in order to provide our impeccable service.
Data Encryption – Pamtree guarantees the highest level of security for all customers by encrypting data at rest and in transit between devices and networks. We are proud to utilize AES-256 encryption algorithm, which is an industry-standard, to ensure robust safety measures.
Development policy
The Pamtree development team utilizes a disciplined approach to guarantee that changes are implemented effectively and securely, always with exceptional quality as the primary focus.
- Every adjustment starts with creating a pull request from a local development branch to an environment for testing and quality assurance.
- Before any modifications are allowed to enter the QA environment, a code review must be conducted by an experienced developer.
- Before any modifications are released, a rigorous series of tests in QA and UAT must be conducted to ensure quality.
- Following stringent application testing, code is transmitted from the UAT environment to production. Every transfer of code takes place securely over an SSL connection for maximum security.
- By deploying code, you can guarantee that your software is always on the cutting edge of security and protected from any potential threats.
Compliance standards
At Pamtree, we are committed to upholding all laws and regulations related to data and information security. If you have any questions or concerns, please do not hesitate to reach out via email at [email protected]. We take great pride in providing the utmost care for our people, processes and technology so that they remain compliant with any applicable legislation.
GDPR
Pamtree is devoted to supporting users in comprehending their rights and responsibilities under the General Data Protection Regulation (GDPR), working diligently to guarantee that all GDPR regulations are met.
What Compliance Controls are included in SOC2?
SECURITY
To ensure protection against unauthorized access, internal controls need to mitigate the potential abuse or misuse of the platform, theft or the unauthorized removal of data, and disclosure of personal information.
CONFIDENTIALITY
To ensure the restriction of confidential data, internal controls need to define security and data protection procedures.
PROCESSING INTEGRITY
To assure the intended purpose of a platform is achieved, internal controls need to monitor data processing and quality assurance procedures. The purpose focuses on processing the right data at the right time.
AVAILABILITY
To control the access to a platform as per the contract and/or service level agreement with customers (specifically regarding the minimum acceptable level of performance), internal controls need to monitor performance and availability.
PRIVACY
To control the collection and use of personal information, internal controls need to support the protection of personal information from unauthorized access.
TERMS & CONDITIONS
To ensure our customers are up-to-date on any changes, we frequently review and revise our Terms and Conditions, which can be accessed through the documents section of our website.
DATA BREACH NOTIFICATIONS
Pamtree has constructed and adheres to our incident response policies.