top of page

Security Governance

Enterprise-grade data and network protection

Asset 138@3x.png

ISO/IEC 27001:2013

ISO Compliant

ISO/IEC 27001 is the international standard for information security. It sets out the specification for an effective ISMS (information security management system).


Complying with ISO 27001's best-practice approach helps us manage our information security by addressing people, processes and technology.

Application Security

Software Security

Patch management

Dayta implements automated patch management service integrated with our software development lifecycle that identifies and addresses missing patches within the product infrastructure. Server-level instrumentation ensures tracked software packages use the appropriate versions.

Vulnerability Assessment & Penetration Testing

Vulnerability Assessment

Dayta tests for potential vulnerabilities on a recurring basis. We run static code analysis, and infrastructure vulnerability scans.

Software Development Lifecycle (SDLC) Security

Dayta implements very strict static code analysis tools and human review processes to ensure consistent quality in our software development practices.

Physical Security

Dayta products are hosted with cloud infrastructure providers with SOC 2 Type II and ISO 27001 certifications, among others. The certified protections include dedicated security staff, strictly managed physical access control, and video surveillance.

End-to-end Encryption

All communications inbound and outbound from our software are protected with in-transit encryption using 2,048-bit or better keys and TLS 1.0 or above. Users with modern browsers will use TLS 1.2 or 1.3. 


All information at rest in our database and data centres are encrypted with key management service that uses hardware security modules (HSMs) that have been validated under FIPS 140-2.

Web and Network Protection

Dayta monitors and mitigates potential attacks with several tools, including firewalls implemented in all layers from application to the network. Besides, our infrastructure contains a Distributed Denial of Service (DDoS) prevention defences to help protect your data and access our products.

Regular Reviews

To maintain our compliance to ISO 27001, policies and guidelines must be reviewed at least annually to ensure the contents are timely and consistent.


IS 784788

bottom of page