Transmission of the digital fingerprint of the message (hash) to the whistleblower e-mail, ensuring the unchangeability of the reports.

Login with smart card.

Access regulated in accordance with the privacy policy (password complexity and change);

Delivered by DigitalPA dedicated Servers: Maximum data security and protection at the highest levels, guaranteed by the DigitalPA ISO 27001/2014 certification and by the certified server farm infrastructure ISO 27001/2014;

OWASP tested (Open Web Application Security Project) –  Testing on the system vulnerability and safety through “best practices”;

Integrated Firewall Hardware and Software: Each platform has an integrated firewall with very strict rules, which limit accesses and actions to the software. The firewalls integrate and enhance security;

IP blocking: Limited access to client’s IP addresses list. The platform can then be accessed from the internet or exclusively from the intranet;

SSL Certificate: Whistleblowing is only accessible through HTTPS (Secure Sockets Layers);

IP and SSL Certificate: dedicated for each customer;

User input validations: the platform is built with a user validation – based approach. Through extremely strict rules the user input is verified both at a client/server level;

SRF Prevention: all requests managed by the platform are protected by CSRF token;

Compliant with ISO 37301 and ISO 37001 standards dedicated to compliance and anti-corruption management systems.