Data Security
Vismo uses industry-leading security solutions to protect your data and keep our service secure.
Craig McNicholas
Last Update 6 days ago
Overview
Vismo handles data for organisations across the globe. We recognise the importance of security and are committed to protecting our customers' data with the highest standards. Our security model follows international standards and industry best practices, including ISO 27001 and the OWASP Top 10, ensuring a secure and reliable environment.
How Does Vismo Secure Your Data?
Vismo is hosted on Amazon Web Services (AWS) across multiple Availability Zones, ensuring reliability and high availability. We are hosted in AWS data centres in EU London, allowing us to keep your data accessible whenever you need it.
AWS data centres utilise industry-leading physical and environmental security measures to provide a highly secure infrastructure.
To learn more, visit the AWS Security page.
Application Security
Vismo is built with security in mind at every layer, including the application layer. Our development follows the OWASP Top 10 framework, ensuring protection against common vulnerabilities. All code undergoes peer review before deployment to maintain high security and quality standards.
Our controlled CI/CD pipeline includes static code analysis, vulnerability assessments, end-to-end testing, and unit testing, which also cover authorisation and security aspects. Additionally, our developers stay up to date with best practices for secure development.
Infrastructure Security
Vismo’s infrastructure is designed with multiple layers of defence to ensure the highest level of security. Our platform is hosted across multiple AWS Availability Zones, providing resilience and high availability.
To protect our infrastructure, we implement measures including, but not limited to:
- Firewalls to enforce IP whitelisting and restrict access to permitted network resources.
- A Web Application Firewall (WAF) to dynamically block content-based attacks.
- DDoS mitigation and rate limiting to prevent service disruptions.
- Advanced routing configurations to enhance network security.
- Comprehensive network traffic logging, covering both internal and edge traffic for monitoring and analysis.
Data Encryption
Vismo ensures that all customer data is encrypted both in transit and at rest:
- Traffic encryption: All data transmitted between users and Vismo is secured using TLS 1.3 with a modern cipher suite; TLS 1.2 is the minimum supported version.
- Data encryption at rest: User data is encrypted across our infrastructure using AES-256 or stronger encryption.
- Credential security: Passwords and sensitive credentials are hashed and salted using a modern, industry-standard hashing function.
External Security Audits and Penetration Tests
Independent third-party assessments are essential for ensuring an objective evaluation of security. Vismo conducts annual penetration tests at both the application and infrastructure levels, performed by well-known, independent security auditors.
Additionally, Vismo undergoes regular external audits, including ISO certifications, to validate our commitment to industry-leading security standards.
Physical Security
Vismo is a fully cloud-based platform, with no on-premises infrastructure. Our office security includes personal identification-based access control, CCTV monitoring, and alarm systems to protect sensitive operations.
Vismo’s data is hosted on Amazon Web Services (AWS), which implements industry-leading physical security measures, including 24/7 monitoring, biometric access controls, and strict facility protections to safeguard customer data.
Disaster Recovery and Backups
Vismo is committed to ensuring continuous and uninterrupted service for all customers. We regularly back up user data, and all backups are encrypted and stored in multiple locations to ensure redundancy.
Our Disaster Recovery Plan is tested at least once a year to assess its effectiveness and ensure that all teams are aligned with their roles and responsibilities in the event of a service interruption.
Security Awareness and Training
Access Control