Security Statement

Prepared on: 18/12/2023

Security Statement

We are a security company, so we need to set a good example by adhering to the highest possible standards. Therefore, in all cases, we have adopted the following approach with regard to protecting our employees, customers, partners, and the company as a whole.

Security measures

  • Data transfer is encrypted based on modern standards.
  • Data storage is encrypted based on modern standards. *
  • Data transfers and storage are protected with anti-malware, -exploit, and -cryptoware solutions. *
  • Data storage has version control and/or encrypted replication backup methods. *
  • Data archives and backups are retained according to the applicable retention period(s). *
  • Accounts use strong passwords and two-factor authentication. *
  • Privileges are granted based on the ‘Least Privilege Principle’.
  • Access attempts are only granted if identification and authentication have been fully performed.
  • Security patches are installed within 1 month of their release.
  • Software, hardware, and services are supported by their suppliers and are not labeled as ‘End-of-Life’.
  • Software, hardware, and services are securely configured before use.
  • Publicly accessible systems are protected with (application) firewalls and anti-DDoS solutions. *
  • Emails sent are protected with anti-spoofing measures and digital signatures. *
  • Personal data processing is carefully carried out in compliance with applicable laws and regulations, including the General Data Protection Regulation (GDPR).
  • We are transparent about security breaches, data leaks, legal requests for access to data processing, and responsible disclosure of vulnerabilities.

*) These technologies are not present everywhere, so their deployment is limited by their availability.

Phishing and general email addresses

Recognizing phishing is important. We have applied all possible measures (SPF, DKIM, and DMARC) to prevent false emails from being sent in our name. If you suspect that you have received phishing or spam in our name, you can find an overview below with our general email addresses that we use for customer contact. If the email address differs, it is very likely a false email or phishing.

We use the domains mite3.nl, and finance.mite3.nl for sending and receiving email. The following generic email addresses are used by us.

If you have any questions or would like to know more, do not hesitate to contact us at the email address [email protected].