Security and Data Privacy

We’ve gone through numerous security assessments with our customers, and we know that security matters for a high-quality B2B SaaS. We cannot provide all (sensitive) details here but are happy to share further information on request or as part of an approval process.

SIGNL4 meets strictest criteria of data protection

Is SIGNL4 GDPR compliant?

 

GDPR compliance

SIGNL4 is fully GDPR compliant. Our European Data Center is in Amsterdam, Netherlands (Microsoft Azure Data Center). 

Data Processing Agreement

For best GDRP compliance and for customers in the European Union, we do provide for a full data processing agreement which can be examined here and, if needed, signed electronically. 

Data Privacy Policy

You can find our data privacy policy here.

 

 

Certifications

Are SIGNL4 data centers certified (SOC2, etc)?

SIGNL4 is hosted on Microsoft Azure. Azure data centers do have various certifications including SOC2. Read more here

Does SIGNL4 have any security certifications (ISO 27001, TISAX)?

SIGNL4 is TISAX-certified. This means SIGNL4 is operated under a strict information security management framework. Information about the certification will be shared on request or through the ENX Portal.

Derdack is ISO27001 certified. ISO/IEC 27001:2022 is essential for organizations aiming to protect their information assets and comply with best practices in information security management. It emphasizes a systematic approach to managing sensitive company information, ensuring its confidentiality, integrity, and availability. 
Visit our trust center for more information: https://trust.signl4.com/

 

Do you encrypt my data?

 

Full at-rest encryption

Storage of SIGNL4 data in Azure is encrypted and decrypted transparently using 256-bit AES encryption, one of the strongest block ciphers available, and is FIPS 140-2 compliant.

Full in-transit data encryption

Service connectivity is secured via SSL (REST) and TLS (SMTP). We also encrypt communication between our node-clusters and internal applications based on TLS 1.2.

Partial in-use data encryption

We encrypt/hash certain content like service passwords and 3rd party tool service account passwords and compare only hashed data. Certain logical operations on content like keyword matching algorithm however require decrypted processing.

Which TLS version do you support/enforce?

We do not enforce a TLS version but do support TLS 1.2.

 

Authentication

 

What is the foundation of your authentication methods?

Authentication of the mobile app is token-based and data are automatically erased from the mobile device if no valid authentication is provided. The authentication against external providers like Microsoft Azure AD is also based on tokens. Please, contact us in case you require more details.

Do you support MFA?

We currently support MFA (multi-factor authentication) through Microsoft Azure AD, Google and Apple authentication if you enable MFA with these providers. For our custom login, we have plans to implement MFA.

 


Data Security and Protection

Where are my data, where is SIGNL4 hosted?

SIGNL4 is hosted in a European (EU) data center of Microsoft Azure.

Do you have a firewall in place?

Yes, of course. The SIGNL4 cluster is protected by a commercial firewall.

Do you have a data retention policy in place? Can I delete my data?

Yes. You have full control over your data. If you choose to delete your account, we delete all your data. We fully operate under European GDPR.

As long as your account is active, we retain your data. We retain notification/message/event data up to 12 months, depending on your subscription plan.

How do you segregate customer data?

SIGNL4 is a public SaaS. So, we’ve implemented logical data segregation in our code based on client and API keys. This prevents access to any data except your own, including through our API.

Do you have key and password management policy?

Yes. API keys and passwords (customer login) are stored in hashed format. API keys are only shown once to the user upon creation.
 

How do you protect access to data by your employees?

We have a wide range of policies (TOMs – technical and organizational measures) in place, ranging from physical access control, digital access rights control, multi-factor authentication and so on. Please, refer to our Data Processing Agreement for more details.

Do you perform SAST/DAST/PEN checks?

Yes, we have continuous DAST (Dynamic Application Security Testing) running, using a commercial tool on at least a weekly basis. We can provide you with reports as part of a security assessment.

We also perform SAST (Static Application Security Testing) as well as SCA (Source Code Analysis) testing. Manual PEN testing has been conducted lately.

 

Business Continuity

 

Do you have a disaster recovery policy in place? How about backups?

Yes. First of all, SIGNL4 is a multi-node cluster application with inherent high availability and failover. Our DR also includes daily off-site backups, resulting in a RPO (Recovery Point Objective) of 24 hours. We are also using 3rd party services, making sure those meet or exceed our own availability goals.

You can track our uptime of 99.99% here: https://status.signl4.com 

Mobile Alerting & Anywhere Incident Response

Feature Overview

A comprehensive Platform for mobile Alerting for an up to 10x faster Response

AIOps and AI Alerting

AI-powered Alerting and Alert & Incident Management

Reliable Alert Notifications

Alert Notifications by push, text, voice and email. With Tracking and Escalations

Alerting App

The modern Way of receiving and managing critical Alerts on-the-go

On-Call Scheduling

Ai-powered Scheduling and Management of On-Call Duties and Shifts

Call Routing

Live call routing and a Voice Mailbox for modern after-business Hours Operations

    Resources

    Use Cases

    IT Alerting

    Stay ahead of critical IT incidents and minimize downtime with SIGNL4 – automated, secure, and in real-time

    Incident Management

    Accelerate response, and streamline incident workflows with real-time mobile alerts

    SecOps Alerting

    Respond faster to cyber threats with mobile-first alerting

    SCADA Alarm Notifications

    Respond faster to machine breakdowns, quality issues, and maintenance calls

      IoT Service Alerting

      Automatically alert and notify your field service teams based on real-time signals from your IoT sensors and devices

      Field Service Alerting

      Automated Mobile Routing of Service Requests and Alerts to Field Teams

      On-Call Management

      Create and manage duty schedules, automate alert delivery, escalate seamlessly, and route after-hours calls

      After-Hours Call Routing

      SIGNL4 automatically routes after-hours calls to on-call staff – ensuring timely response and 24/7 coverage

      Building Automation

      Ensure fast response, fewer disruptions, and better facility management and service

      Emergency Alerting

      Keep your teams prepared when every second counts. SIGNL4 delivers fast, reliable emergency notifications

      Alert Management

      A central alert management hub helps to streamline alerting processes from multiple enterprise systems

      Integrations and APIs

      Integrations Overview

      We have verified and tested 200+ Integrations with 3d Party Products

      EMail (SMTP)

      The fastest and easiest way to connect to SIGNL4.

      REST API

      Seamlessly integrate services or implement additional features

      Webhook

      SIGNL4’s most popular and flexible integration

        Top Integrations

          Selected Customer Case Studies

          Airport Berlin-Brandenburg

          Automated Alerts and Mobile Incident Response for Luggage Transportation Systems

          BASF Coatings

          Automated Transport Dispatching with IoT Buttons and a mobile App for optimized Intralogistics

          RedIron, Canada

          Unifying Alerts and Notifications in mission-critical IT Operations

          CSP Lighthouse, Australia

          Reliable 24/7 Alerting for a global Cybersecurity Service Provider

            Swiss Bankers, Switzerland

            Real-Time Fraud Prevention with 24/7 mobile alerting in Financial Services Operation

            Conexus Credit Union, Canada

            Conexus transformed Incident Response in a Single Day with SIGNL4

            Overview of Industries

            Exciting case studies from selected customers in sectors such as logistics, aviation, manufacturing, finance and IT

            About us

            About Derdack & SIGNL4

            Learn more about a Market Leader in mobile Alerting and Anywhere Incident Response for critical Systems

            Partner Program

            Become a SIGNL4 Partner and take Advantage of a well-established and rapidly growing Product

            Newsletter

            Get Updates, exciting Insights, and Customer Stories – Sign up for our Newsletter!

            Glossary

            We explain the most important Terms and Topics in the Field of Alerting and Incident Management

            Blog

            Our blog offers expert insights and practical tips for getting the most out of SIGNL4

              SIGNL4 got recognized by the G2 Community
              DERDACK SIGNL4
              Powered by  GDPR Cookie Compliance
              Privacy Overview

              This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.