Security Conscious

Your Data, Safe with Us

Valamis is proud to be the market leader in learning analytics and compliance training. We work to the highest industry standards in data security, verification and storage of personal data.

Working in partnership with customers means protecting their data, and we are committed to provide you peace of mind knowing that your data is safe with us.

Compliant and Certified

  • ISO 27001 Certified

    Cyber Security

    ISO/IEC 27001 is the world’s best-known standard for information security management systems (ISMS) and their requirements. Additional best practice in data protection and cyber resilience are covered by more than a dozen standards in the ISO/IEC 27000 family.

  • ISO 27017 Certified

    Information Controls

    ISO/IEC 27017 provides cloud services information security controls, including guidance for both cloud service providers and enterprises utilising cloud services. ISO 27017 supplements the basic security controls covered in the ISO 27001 standard.

  • ISAE 3000 type II Audited

    Data Protection

    SOC 2 (System and Organization Controls) standards are designed to help organisations demonstrate that they have the necessary controls in place to protect the security, confidentiality, and privacy of their customers’ data.

Your Data with Valamis

  • We are certified in ISO/IEC 27001:2013, ISO/IEC 27017:2021, the world’s best-known standard for information security management systems (ISMS) and their requirements
  • Our security processes have been audited and have received completion of the assurance report known as ISAE 3000 type II (SOC 2), this proves to our internal and external stakeholders that we are securing data in line with best practice
  • We store data in the EU and USA using Azure data centers
  • We have in-transit and at-rest encryption in place
  • Our standards are reviewed on a regular basis by independent verifiers

Cloud Based and Up-to-Date

  • We have a Web Application Firewall in place with DDoS protection, using Fastly CDN
  • We use Kubernetes and automated virtual machine scale sets to provide resilience against unplanned downtimes
  • We deliver all our systems using automated and repeatable processes
  • Operational accesses are managed by and cancelled automatically after a set time
  • We have internal central logging, with audit logging capabilities in place on all deliveries