European DNA solution trusted by IT Teams
Our knowledge-sharing platform puts security first. Global companies and public institutions in highly regulated environments trust Elium with their knowledge.
You can also rely on us to meet your European hosting needs while fully-complying with GDPR legalities.
With Elium, knowledge shared stays safe and secure.
State-of-the-art Security Approach
Elium’s approach to security is robust, clear, and always up-to-date, which means that your company’s valuable knowledge stays secure.
GDPR-compliant features
With Elium you are GDPR-ready through features such as opt-in collection, data anonymization upon request and a quick access section to your company’s DPO.
European-based hosting
We use only European-based hosting options, which are ISO27001:2013 certified. Our team performs regular back-ups to secure knowledge shared.
Privacy first design
With features like two-factor authentication (2FA), encryption, malware protection, and secure password management, you don’t have to worry about data safety.
Clear security policies
We update and train employees and partners on our clear set of privacy policies. Checks and tests are performed to ensure security protocols are respected.
ISO/IEC 27001 certified
We acknowledge you’ve entrusted us with your valuable data and most sensitive information.
That’s why your security, safety and privacy have always been our top priority.
Our information security management system (ISMS) is verified to meet the best global security and data governance standards.
A Well-Trained Team You Can Trust
Our team will always treat your data with expert attention and care. In agreement with ISO 27001, we are taking the following steps to ensure this:
- Training: All of our employees complete Security and Awareness training during onboarding and then on an annual basis.
- Employee vetting: We perform background checks on all employees, while respecting the local legislation.
- Confidentiality: Employee contracts include clear confidentiality agreements that are known and signed by team members.
- Policies: Our clear set of security policies, covering a wide-area of topics, are regularly updated and explained to teams.
Security Assurance Process Trusted by Global Clients
Pentesting and Vulnerability Scans
Elium uses trustworthy third-party security tools to continuously scan for potential vulnerabilities. Our security team responds to issues raised and resolves them quickly.
Rapid Response to Incidents
We have a clear protocol for handling security events, including escalation procedures, rapid mitigation, and post mortem. Once we jump into action, we are fast and thorough.
Suspicious activity detection
We monitor activity on the platform and check for any abnormal activities. We act quickly to tackle any suspicious behaviour and ensure knowledge safety.
And a privacy-first approach to how we develop Elium
Two-factor (2FA) Authentification
Single Sign-on (SSO) Authentification
Secure password and credentials storage
Virus and Malware Detection
Encryption in transit and at rest
Role-Based Permissions
Frequently asked questions
Categories
Data Availability
YES. We have an historic uptime of 99.9% or higher. We monitor our uptime using Pingdom and our services resources utilisation with Datadog.
YES. Elium was built with disaster recovery in mind. All of our infrastructure and data are spread across multiple GCP availability zones in Europe. Provisioning of our services are scripted and can be restored in less than 1 hour in any other Cloud data center in case of major issue on the primary data-center.
Hosting
YES. your data is private and safe at all times. Elium complies with the highest standards of data protection, following the GDPR requirements released in 2018 in Europe.
We are an independent and GDPR-compliant vendor established in 2008 in Belgium. Our whole infrastructure, customer data and backups are entirely managed by our engineering teams and exclusively hosted within highly secured ISO27001, SOC1/2/3, Tier-4 facilities in Europe. Our security and privacy policies (including third parties we work with) can be reviewed here. For any potential concerns, you can reach out to [email protected]
YES. EYES. Elium services and data are hosted in Europe. We provide 2 cloud hosting solutions:
- Google Cloud Platform, and most specifically region eu-west1 (Belgium) for services and mutli-region EU (Belgium, Netherlands, Finland, Germany) Cloud storage for data.
- 3DS Outscale, using SecNumCloud regions (Paris, France) for services and data.
Privacy Processes
YES. All of our services are within our own containers cluster (Kubernetes) with network access control lists (ACLs) that prevent unauthorized requests getting to our internal network.
YES. We have a process related to logging and tracing. On an application level, we produce audit logs for all activity, ship logs to Datadog for analysis and use S3 for archival purposes. All actions taken on production consoles or in the Elium application are logged.
YES. We regularly update systems and services that operate Elium and apply security patches when required. We manage any modification through a change management system that allows us to quickly revert these in case of unattended issues.
Security Features
YES. Elium provides three password levels complexity and credentials are stored using a hashing and salting functions (bcrypt).
YES.. All data sent to or from Elium is encrypted in transit using 256 bit encryption. Our API and application endpoints are TLS/SSL only and score an “A+” rating on Qualys SSL Labs‘ tests. This means we only use strong cipher suites and have features such as HSTS and Perfect Forward Secrecy fully enabled. We also encrypt data at rest using an industry-standard AES-256 encryption algorithm.
YES. We enable permission levels and access rights within the app to be set for your usage. Easy and secure gouvernance is one of the most appreciated features of Elium.
YES. Our product offers a standard protection against malware and virus. Once the option is activated, any image or file below 500 MB uploaded on Elium will be automatically screened for viruses using the ClamAV software.