At Debexpert, we want to provide you with the best service for the debt market. In order to continuously improve and provide services to Debexpert platform users, we use our users' personal information. We are also committed to protecting your data privacy and security. To learn more, check out the privacy resources below.
We provide safe service
At Debexpert, we prioritize data privacy for your business. That's why we use the latest technologies and approaches to ensure your data is securely protected and to prevent unauthorized access to your account. Your data is not shown and cannot be shared with users of other Debexpert accounts under any circumstances.
We take a comprehensive approach to meet these points:
We take all the necessary measures from a technical point of view.
We work with the 'human factor' using regulations, documents and instructions.
Zero Trust Concept
Zero trust assumes that threats can come from anywhere and it is not possible to describe and prioritize them in advance. Debexpert adheres to the following core principles:
Always performs authentication and authorization based on all available data metrics.
Least privilege access
Restrict user access through a role-based access model, risk-based adaptive policies, and data protection.
Control and monitoring
Conduct event collection on Debexpert systems and verify all events to prevent and detect attacks in a timely manner.
Debexpert data is accessed via a secure connection using the HTTPS/TLS cryptographic protocol, and data is encrypted using the AES standard. To protect payment data, we use TLS 1.2 encryption on the transport layer. On the application layer, Debexpert allows end-to-end encryption with a private key not known to third parties.
To guarantee the safety of information in case of possible irreversible loss (failure in the primary data center), we produce a backup for a high level of service availability. Data is replicated to the backup data center, so in case of failure the entire infrastructure will be restored automatically in minutes.
At the heart of Debexpert's approach to privacy is a commitment to giving users full control over the data they share. In other words, by using Debexpert you control your own data.
Debexpert considers any manipulation of the platform's data – moving, giving access to other users without authorization of the owner, modifying or selling it – a gross violation of rights and guarantees you complete confidentiality. Debexpert users' data is secure because accounts are isolated from each other at the software code level: users of one account cannot access information stored in another account.
Secure Software Development Lifecycle
Implementing Secure Software Development Lifecycle (SDLC) measures at all stages of the software development cycle is a prerequisite for software companies to be competitive in the marketplace. Debexpert has implemented best practices in its software development process to provide more reliable and secure products to our customers. In particular, the Debexpert SDLC takes into account industry best practices for secure programming such as OWASP as well as NIST (e.g. NIST SP 800-64, SP 800-100).
Debexpert uses AWS to provide a service with a high level of availability, confidentiality and integrity. AWS helps ensure compliance with nearly every regulatory agency worldwide and supports a large number of security standards and compliance certifications, including:
Debexpert uses network and application security services such as Cloudflare, which help inspect and filter traffic to prevent unauthorized access at the host, network, and application levels.
Network and application security services inspect and filter traffic to prevent unauthorized access to resources. At the network level, the Network Firewall allows you to tightly control traffic to, from, and between Debexpert servers using features such as stateful inspection, intrusion prevention, and web filtering. To protect web applications, the Web Application Firewall (Cloudflare) allows you to filter any part of a web request, such as IP addresses, HTTP headers, HTTP body, or URI strings, to block common attacks listed in the OWASP Top 10. The service also protects networks and applications from even the largest DDoS attacks and offers managed detection and response to repel targeted attacks.