GEVME Security
We take security seriously at GEVME so we built the platform with security and reliability in mind, right from the core.


GEVME Security
We take security seriously at GEVME so we built the platform with security and reliability in mind, right from the core.
Compliance and regulations

ISO/IEC 27001:2013

PCI Security Standards Council

General Data Protection Regulation

bizSAFE3
Security features

Data encryption in transit and at rest

MFA Enforcement

Support for Custom Data Retention

Support for Audit Logs

Access to Compliance Reports

SSO (SAML & OpenID)

Granular users & roles management

Support for PII Data Anonymisation

Support for On-Premise Deployment

ISO/IEC 27001:2013
ISO/IEC 27001:2013 is a security management standard that specifies security management best practices and comprehensive security controls following the ISO/IEC 27002 best practice guidance. The basis of this certification is the development and implementation of a rigorous security program, which includes the development and implementation of an Information Security Management System (ISMS) which defines how GSI perpetually manages security in a holistic, comprehensive manner. This widely-recognized international security standard specifies that AWS do the following: We systematically evaluate our information security risks, taking into account the impact of threats and vulnerabilities. We design and implement a comprehensive suite of information security controls and other forms of risk management to address customer and architecture security risks. We have an overarching management process to ensure that the information security controls meet our needs on an ongoing basis.
Our certification is performed by an independent third-party auditor. Our compliance with this internationally-recognized standard and code of practice is evidence of our commitment to information security at every level of our organisation, and we are in accordance with industry leading best practices.

PCI Security Standards Council
The Payment Card Industry Data Security Standard (PCI DSS) is a proprietary information security standard administered by the PCI Security Standards Council, which was founded by American Express, Discover Financial Services, JCB International, MasterCard Worldwide and Visa Inc.
PCI DSS applies to all entities that store, process, or transmit cardholder data (CHD) or sensitive authentication data (SAD), including merchants, processors, acquirers, issuers, and service providers. The PCI DSS is mandated by the card brands and administered by the Payment Card Industry Security Standards Council.
GSI leverages on Imperva Cloud WAF to achieve PCI compliance. Our core products, GEVME & Judgify, are both protected by Imperva.

General Data Protection Regulation
The European Union’s General Data Protection Regulation (GDPR) protects European Union data subjects’ fundamental right to privacy and the protection of personal data. It introduces robust requirements that will raise and harmonize standards for data protection, security, and compliance.
We comply to GDPR and have designated European Data Protection Office (EDPO) as our European Representative pursuant to Article 27 of the General Data Protection Regulation (GDPR).

bizSAFE 3
bizSAFE is a programme that ensures companies build up their workplace safety and health capabilities. GSI is committed to providing its employees and customers a safe place to work and collaborate. GSI is today Level 3 Certified under the bizSAFE programme. To achieve this, our company had to engage an auditor approved by the Ministry of Manpower of Singapore to assess our implementation of Risk Management plans in our workplace.