Security

Security

Reliability, integrity and availability for highly effective integration

Data Security

IBM B2B Collaboration solutions provide comprehensive data security capacity through encryption.

Other security features are:

  • Provision of identity management features, including authorization and authentication of different access profiles, depending on user role
  • Definition of different access profiles, based on user roles
  • Data transport is carried out in a highly secure manner, through Secure Sockets Layer (SSL) and Secure Shell / Secure File Transport Protocol (SSH / SFTP)
  • ​​Provision of support to data encryption through technologies such as Secure/Multipurpose Internet Mail Extensions (S/MIME) y Pretty Good Privacy (PGP)
  • Possibility of using the Sterling Connect: Direct protocol in order to improve existing FTP security
  • Both current and inactive files can be encrypted
  • Transfer of auditable file in order to ensure conformance with GDPR regulations, through an owner protocol authorisation and encryption FIPS 140-2 Certificate and Common Criteria)
  • X.509 Certificates for authentication
  • Checking Certificates and Certificate Revocation List)

Transit Data Security

Data Protection Policy

All of our professionals have read and signed our “Personal Data Processing Personnel Security Policy” informing them of how it works and the processing they must do and how we must respect personal data protection.

We also maintain strict control of all our providers, requiring them to provide the corresponding guarantees that prove the application of the necessary measures to adequately protect any personal data they may process on behalf of our company.

Compliance with GDPR

In accordance with the provisions of the personal data protection regulations in effect and the Spanish Organic LOPDGDD Law, we comply with all of the provisions for processing personal data which are processed legally, faithfully and transparently as relates to the data subject and as adequate, pertinent and limited to that which are strictly necessary in relation to the purposes for which they are processed. Moreover, we have implemented appropriate technical and organisational policies to apply the security measures established in order to protect data subjects’ rights and liberties. At the same time, we have defined “Processing of Special Categories of Data” and implemented the appropriate security measures for them.

Additional services

Information Obfuscation

This option is implemented in cases where the data transmitted are not encrypted and the information must be kept confidential. Thus, our technicians only have access to the file name (to identify them within various flows) and the processes that manage them to determine errors but never the actual information contained in them.

Information Encryption

This option is implemented in customer’s source and recipient machines. The encrypted data moves through our solutions at the customer-desired level and only a decryption key can provide access to the data meaning our professionals never have access to the information they contain.

If you are interested in receiving more information about any aspect related to information security, contact B2B Bureau.