secure-1600x600

Security

Security is a given with Convene. 

Our Key Security Features

Convene was designed and developed to enable your organisation to respond to today’s pressing security challenges. Equipped with advanced security features and end-to-end encryption, Convene’s multi-layered approach offers users high levels of data protection, access control, availability, and application security.

Paper documents are not secure. They can be left at printers, photocopied, or simply forgotten elsewhere - compromising the security of your meeting. However, there are security concerns about storing sensitive documents online too.

Convene is trusted by Banks, Governments, and Healthcare organisations around the world, and our security is regularly tested by customers. We encourage regular testing as we know security threats constantly evolve. So we evolve too. Working with you ensures all stay secure.

 

Here are just a few of Convene's Security Features and Accreditations.

If you want to know more, but data-security jargon isn't your thing, check out our explainer document on understanding key security terms.

Download Here

 

 

2048_bit-SSL-pictogram

2048-bit SSL

SSL (Secure Sockets Layer) is the industry standard for establishing an encrypted link between server & client. Without this, data would be sent in plain text, leaving it vulnerable to hackers.

decryption-pictogram

Two-Factor Authentication & SSO

Before a user can log-in to Convene, a verification code—which is securely and instantly delivered to the user’s registered mobile number—must be entered. The verification code is a unique, secondary password and is valid for one log-in session only.

Convene also supports single sign-on using SAML 2.0. to eliminate the need to repeatedly type in passwords per login.

AES_256-encryption-pictogram

AES-256 Network & Document Encryption

AES or Advanced Encryption Standard is the cipher used to encrypt our clients' documents when stored on our platform. AES-256 is the standard used by the US government for their sensitive information.

1010-permission-controls-pictogram

Fine-grained permission controls

Set different levels of access and editing for an individual or a group. Set individual passwords for specific files and folders. And customise read-only and read-write permissions for every meeting participant or for a whole group.

remote-wipe-pictogram

Remote Wipe

If a device is lost/stolen, any sensitive information stored in the Convene app can be deleted remotely. Additionally, any data on a lost/stolen device is automatically deleted when password guessing is detected.

audit-trail-pictogram

Audit Trail

Convene allows your system administrator to track log-in attempts, downloads, uploads and what permissions were granted to who and by whom. So if there is any suspicious activity, you can start taking appropriate actions immediately.

infrastructure-security-pictogram

Infrastructure Security

Hosting facilities in the US, Ireland, Singapore, and Australia are SSAE16- and ISO 27001-certified. Continuous network monitoring of any attempted network attacks. Our staff closely monitor servers in real-time to ensure optimum system performance.

key-management-pictogram

Key Management

Data is protected by three-tier key management: with random document key, user key and system key. In Convene, user keys are securely stored in the iOS Keychain and protected by iOS device-specific encryption with automatic key generation, transfer and destruction.

CMMI Level 5 Certification

Convene is a product of Azeus, a CMMI Level 5 company. This demonstrates our stable and mature processes. NASA only contracts with vendors who have attained this certification.

 

Certifications

Convene’s internal and external processes and practices are regularly audited to be compliant with the following industry standards: AICPA SOC 2/3, ISO 27001, 27017 and 27018.

 

CMMI5-logo-249 ISO4001-logo-107 SOC2-225x cyber-essentials-badge ISO27001 ssae500-181x148 ISO-9001-203x115

Security FAQs

We have compiled the questions we get asked the most about our security features, but you can always contact us for more details or ask other security questions.

Try Convene

1001-secure-pictogram

Is my data encrypted?

Your data is always encrypted whether it is on the cloud, on your device, or somewhere in between. We encrypt data to a standard called AES256. This is the highest level of encryption available and would take the fastest supercomputer several billion years to crack.

Do you allow penetration testing?

Yes. As an existing or potential Convene customer you can arrange for a penetration test of both your portal site and the application with your own security consultants. We just need 48 hours notice to inform AWS that a test is going to take place, this is part of our contract with them.

We also have our own penetration test carried out by a company of ethical hackers at least once a year. In combination with our customer tests, this means we review the results of security tests at least once a month. Your security is our priority. 

What happens to the documents if someone loses their device or has it stolen?

You can remotely wipe documents from Convene from the system admin menu. You do not need to purchase any additional software for this to work and it does not depend upon the operating software of the device. Convene also contains offline hacking protection to prevent unauthorised access to the data - even when the device is offline.

Can I use biometrics to log on to Convene?

Yes, you can. Convene supports devices with fingerprint recognition as a way of logging on to the application. You can also choose to use other forms of two factor authentication with Convene.

How can I keep track of who has accessed our data?

Convene comes with a full audit trail that is available for viewing or exporting from the system administrator console. Convene is designed to allow only those who are invited to meetings or organising meetings to see meeting documents. Even though the system administrator can see an audit trail of all of the meetings, they cannot access any of the documents.

Can I set the user passwords to meet my corporate standards?

Yes, you can. As we developed Convene we have added multiple options for password creation that were requested by our customers. We are pretty sure that we will have a combination that will match your corporate password! If not, no problem, just ask us and we will add it to the product.

We also offer ADFS connectors which allow you to log into Convene with the same user-name and password that you use to login to your Office 365 account or corporate email.

Do you comply with any security standards?

Yes, we do. Our processes have been accredited to ISO27001 and SOC 2, for our cloud hosting we use Amazon Web Services (AWS). AWS have a complete range of certifications relating to country specific security including ISO27001, ISO 9001, C5, Cyber Essentials Plus, SOC 1-3 and more. 

We can also set up Convene on-premise if necessary to serve your organisation's data compliance and security procedures.

Azeus Convene is also certified by UK Government's National Cyber Security Centre. This is a Government backed scheme that certifies that Azeus Convene's organisational data is safe against a wide range of the most common cyber attacks.

Recommended Reading

4 min read

Limitations of SSO and Implementing SSO (Part 2)

In my last blog, I introduced the...

3 min read

GDPR and the Company Secretary: Panel Discussion at ICSA 2018

Having got through the 25th May...

5 min read

SMS One Time Passwords (OTPs) are secure, right?

Short answer: No.

You’ve come...

1 min read

Perspectives of Cybersecurity: Introduction

With high profile cyberattacks...

Try Convene today!

Fill out the form to start a free trial of Convene. Just enter your company email address.

Try Convene

TRY-CTA-screen-presenter-670x330