You have not given any consents yet.


Information Security & Compliance

Our internal policies to ensure the security of customer data

Importance of Information Security 

Information security at Y Soft includes a set of policies and procedures that guide how we develop our products and services and define the behavior of employees with regard to handling and protecting customer data. 

While under the guidance of Y Soft’s Chief Information Security Officer, information security is engrained in all employees and regularly reviewed. Specifically, we look at the totality of people, processes and technology when defining how to protect information assets.

What we address within Information Security

Our policies and procedures address the three critical areas regarding information security: confidentiality, integrity and availability. 

Specifically, confidentiality protects against unauthorized disclosure; integrity protects against unauthorized modification, accuracy, non-repudiation and completeness of information; and lastly, availability concerns data is available when needed and protects against its destruction.

Standards and Compliance

Y Soft ensures that its internal security information practices, policies and procedures are designed to meet with the ISO 27001:2013 standard, recognized globally as the standard and that which many countries base their own national guidelines. Our ISO 27001:2013 certificate can be viewed and downloaded here.

Additionally, our products and services leverage existing standards such as end-to-end encryption, and oauth2/openID connect standards. Learn more about Data Protection / GDPR.


Read our policy statement and about our Information Security Management System (ISMS).

Download our step-by-step guidelines on how to mitigate the Log4j vulnerability.

Download our step-by-step guidelines on how to mitigate the Spring4Shell vulnerability.