Security in Cegid Iziago
The security of your data is our top priority
Cegid Iziago is software provided in SaaS mode, which means that you access the application via the Internet with a web browser. Exalog takes care of the hosting, security and backing up of your data. This frees you from the IT constraints of installation, maintenance, backup and security monitoring for the use of your software. These technical tasks are performed by our expert teams, who monitor your application 24 hours a day to ensure it is working properly. Our teams receive regular training in IT techniques and security.
Cegid Iziago guarantees you maximum security at every level:
Access to the application
User authentication for logging in to Iziago follows the principle of strong two-factor authentication, i.e. something the user knows: their login name and password, and something the user has: a code card.
After entering their login and password, users are asked to click on a virtual keypad (the authentication grid) in order to enter a random code, which changes every time they log in. To find out which code should be entered, the user refers to the code card, which they were able to print out when they logged in for the first time.
This two-factor system is enhanced by a check on the user’s location. If the IP address is unusual, Cegid Iziago will ask the user to validate the new location by entering a unique security code sent by e-mail.
Users rights
In Cegid Iziago, you can register as many users as you wish. Each user therefore has their own login details and authorizations (create, view) which can be finely defined by role and by bank account.
The software also allows you to create authorization profiles so that you can easily assign the same rights to sets of users.
Authorizations allow you to limit authorized transactions for a particular user or group of users. The administrator defines the scope of user activity for each user (authorized functions, database access, approved bank accounts, and so on) so that your data is secure.
Traceability
Cegid Iziago automatically logs user actions. This log, which is time and date stamped, allows you to show all user actions in chronological order with the IP addresses used and details of the actions performed.
Data hosting
Your data stored in Cegid Iziago is hosted in two highly secure data centers located near Paris, France in the infrastructure of the internationally renowned company Equinix.
Both of these data centers are ISO 27001 (information systems), ISAE 3402 (appraisal of third party organizations’ services) and ISO 22301 (business continuity management) certified.
In order to ensure 24/7 availability, there is redundancy for all the equipment used (servers, hard disks, power supplies, high-speed connections etc.). Your data is backed up in real time on a backup server. In this way the system ensures that none of your data will be lost in the event of a failure.
In addition, full backups of your data are made every hour, encrypted by the proven PGP algorithm, and stored on servers with the same security as the Cegid Iziago application itself, in the same data centers. The retention period for backups is a maximum of 5 years.
Confidentiality
The exchange of data between your computer and the Cegid Iziago software over the Internet complies with the security recommendations issued by the ANSSI (the French Network and Information Security Agency). Your data is therefore encrypted in accordance with the TLS standard, which means it is encoded so that no other system can read it. The TLS protocol was designed to protect and keep confidential communication between your web browser and the Cegid Iziago server.
The SSL certificate for the Iziago server has been issued by the internationally recognized Thawte Certificate Authority, and is recognized by your browser. This certificate allows your browser to automatically verify the identity of the Cegid Iziago server each time you log in or browse the application, so you can be sure that you are logged in to the correct site and not to a fake site that may have a similar interface.