SettleMint Security Certifications
At SettleMint, we prioritize security as a fundamental component of our operations.
Hence, we employ highly secure development methodologies when creating our services, processes, and configurations for cloud infrastructure.
We continuously ensure the privacy, integrity, and availability of SettleMint's platform while regularly assessing risks to our environment and our users' data.
SOC 2 Type II Compliance
SettleMint is SOC 2 Type II compliant and has received attestation of this after an audit by BDO, an independent and recognized authority based in Brussels, Belgium.
As a SOC 2 Type II compliant organization, SettleMint has undergone an extensive audit of its business processes, policies, and procedures related to the security, availability, processing integrity, confidentiality, and privacy of customer data. The report, as presented by BDO, provides assurance to our clients that SettleMint has the necessary controls and safeguards in place to protect their sensitive data. Customers who currently have a nondisclosure agreement with SettleMint may request copies of our SOC 2 Type II Report.
By partnering with a SOC 2 compliant organization like SettleMint, clients can rest assured that their data is in safe hands. This SOC 2 Type II compliance report is particularly valuable for industries such as healthcare, supply chain management, and energy-based organizations in the EU as well as globally. This certificate also has specific privacy requirements under HIPAA. Our SOC 2 compliance is also essential for governments, businesses, and any organization dealing with highly sensitive data. With SettleMint's SOC 2 Type II reports, clients can have the highest level of confidence in the security and integrity of our BPaaS services.
ISO 9001 Certification
This certification is awarded to companies that demonstrate the ability to consistently provide products and services that meet customer and regulatory requirements. SettleMint India has received ISO 9001 certification for its quality management system, which ensures that its products and services are of the highest quality.
SettleMint India has been issued an ISO 9001:2015 Quality Management System certificate for its activities related to providing IT services, including blockchain, AI, IoT, and software development. The certificate verifies that SettleMint India has implemented a quality management system that meets ISO 9001:2015 standards. This certification covers a wide range of services offered by SettleMint India, including consultancy, training, and recruitment services in the field of IT. The certificate demonstrates SettleMint India's commitment to delivering high-quality IT services to its customers.
ISO 27001 Certification
This certification is awarded to companies that have implemented an Information Security Management System (ISMS) that meets international standards for data security. SettleMint Services India Pvt. Ltd. has received ISO 27001 certification for its ISMS, which ensures that its blockchain infrastructure is secure and meets the highest standards of confidentiality, integrity, and availability.
The certificate is an ISO/IEC 27001:2018 Information Security Management System certification issued to SettleMint India Services Pvt. Ltd. The scope of activities covered by the certification includes providing products, sales, purchases, services, and training in information technology, including various technologies like blockchain, artificial intelligence, and cloud computing, and related services like IT recruitment and marketing. The certification confirms that SettleMint India has implemented and maintains an effective information security management system in accordance with the ISO/IEC 27001:2018 standard.
CERT-In Safe to Host Certificate
The Indian Computer Emergency Response Team (CERT-In) has awarded SettleMint Services India Pvt. Ltd. the Safe to Host Certificate for its blockchain infrastructure. This certificate guarantees the safety of its IT systems and compliance with Indian legal standards.
The web application, SettleMint, has also received a Safe to Host certificate from DR CBS Cyber Security Services LLP, indicating that it has undergone an IT security audit and is safe from known vulnerabilities. The audit was conducted in accordance with guidelines set by CERT-In and NCIIPC, as well as various web security standards such as OWASP Top 10 Web Risks, SANS Top 25 Software Errors, CWE, CVE, W3C, and Web Content Accessibility Guidelines (WCAG).
SettleMint uses cloud infrastructure from top third-party providers such as Amazon Web Services (AWS), Microsoft Azure, and Google Cloud. These providers have physical architectures in Asia, the Middle East, Europe, and the United States, with multiple Availability Zones in each Region. Clients can choose the Regions for their nodes. AWS and GCP have strong security measures in place to protect customer data in secure data centers.
We conduct annual information security risk assessments to ensure proactive protection. This involves evaluating the degree to which risks have been handled while taking into account the likelihood, impact, and velocity of threats. The process identifies controls and risk mitigation strategies. Additional risk-mitigation techniques are considered in cases where residual risk is high.
The Information Security Steering Committee of SettleMint plays a vital role in sustaining our security efforts. This committee monitors progress and ensures that essential security improvements receive the appropriate management attention.
We invest heavily in employee security training to ensure that all our employees are equipped with the knowledge and skills to identify and respond to security threats. Our training covers various topics, including password management, phishing, social engineering, and data protection. We also conduct regular simulated phishing exercises to assess our employees' susceptibility to phishing attacks and provide targeted training to those who need it.