How does Holm Security protect our data?

Strong customer data protection 

Holm Security is ISO 27001:2022 certified and complies with GDPR as well as NIS and NIS2 requirements, demonstrating a systematic and risk-based approach to information security.

Data within Holm Security’s Next-Gen Vulnerability Management Platform (VMP) is logically separated between customers to prevent cross-access. All sensitive data is encrypted both in transit and at rest using industry-standard encryption, with TLS 1.2+ as a minimum. Strong authentication measures such as single sign-on (SSO), two-factor authentication (2FA), strict password policies, and detailed, tamper-proof audit logs further protect user access.

Holm Security hosts its platform in ISO 27001-certified European data centers with strong physical protection, redundancy, and secure data storage in neutral EU countries. Development, test, and production environments are strictly separated, and secure software development practices include continuous vulnerability assessments and penetration testing.

Employee and operational security are equally prioritized. Staff undergo background checks and continuous awareness training, and operate under a least-privilege access model via VPN. Continuous monitoring, patch management, daily backups, disaster recovery planning, and transparent incident response ensure resilience and rapid customer communication if incidents occur.

More information

Read more in our document about safeguarding customer data: