Skip to main content

Security and Certification

Overview

At 1GLOBAL, we are passionate about providing customers solutions with simple solutions that are secure by design. We don’t believe our customers should feel they need to manage their own network and multiple security systems just to feel protected. It must be secure, and it must simple.

We take security seriously, from our people, the data centres we operate and each line of code that powers our global mobile platform.

Highlights

  • ISO27001 certified
  • Dedicated Security Operations Centre
  • Portuguese National CSIRT Network Member
  • UK Cyber Essentials Plus
  • ISO 22301 Business Continuity Management System certified
  • GSMA SAS-SM certified

Application security

1GLOBAL internal application development is supported by guidance during the systems development life cycle (SDLC) and by following base security principals, including confidentiality, integrity and availability. Our development is reviewed and evaluated in accordance with OWASP Top 10 Web Vulnerabilities.

Third party security

1GLOBAL suppliers are selected based on the quality services and security guarantees provided and must be aligned with 1GLOBAL's own standards and vision. Our suppliers are periodically assessed and monitored according to quality KPIs and SLAs.

Infrastructure security

Our infrastructure is composed of facilities, systems, sites, information, people, networks and processes. Each component is reliant on strong measures and security practices. This allows 1GLOBAL to ensure integrity and availability in all services delivered to our customers. The implemented security measures follow CIS Top 20, and these are aligned with ISO/IEC 27001:2013, security controls.

Security Incident Response Team

1GLOBAL has created a Computer Security Incident Response Team (CSIRT) that responds and proactively monitors information security incidents. Our CSIRT is an accredited member of the Portuguese National CSIRT Network.

1GLOBAL Computer Security Incident Response Team (1GLOBAL CSIRT) is part of the 1GLOBAL Cybersecurity, Risk and Compliance area. This team relies on automatic and stakeholders' alerts to respond to security incidents, protecting 1GLOBAL and its customers from threats to information security and cyber-attacks.

1GLOBAL CSIRT provides the most effective and efficient protection for our internal information and that of our customers, suppliers and partners. This is done by detecting threats, analysing data, and containing, eradicating and recovering from security incidents. It ensures minimal impact and the continuity of operations and data privacy.

1GLOBAL CSIRT is in constant contact with other CSIRTs and CERTs, receiving and sharing relevant information on incidents in cyberspace.

Certification

1GLOBAL holds various industry certifications subject to a rigorous internal and external audit program. These include:

ISO 27001 Certification

ISO 27001 Certification was achieved by 1GLOBAL on 2013, and since then we are fully dedicated on the continual improvement of our ISMS according to the standard and following the technology security expansion. Periodically our people, policies, processes and systems are reviewed and audited by external evaluators, which attest our compliance for the certification purpose.

UK Cyber Essentials Plus

1GLOBAL is now a Cyber Essentials Plus certified organisation, thus providing the assurance that all criteria for external services, corporate operating system images, and cyber controls are in place to protect our customers' information. Through this accreditation, 1GLOBAL reiterates its commitment to protecting personal customer information above all else—demonstrating that we’re not only a global leader in telecoms technology, but also customer safety.

GSMA SAS Certification

1GLOBAL is one of the few companies in the world certified with the GSMA SAS. This certification allows us to remotely allocate subscription credentials into devices, without compromise security. The certification process follows a strong and hard security requirements implementation, which are frequently verified by the Certification Body.

Business Continuity

1GLOBAL is officially certified against the ISO 22301 Business Continuity Management System. This certification represents the culmination of years of work pursuing and fine-tuning the best practices regarding people, processes and technology for 1GLOBAL’s critical services.

Our customers can now be assured that 1GLOBAL follows the best international practices to maintain its up and running services, drastically reducing the likelihood and impact of service disruptions.

1GLOBAL can now provide an official assurance, based on a thorough independent audit process against the ISO best practices, that the services we provide have business continuity plans in place to ensure availability and high resiliency.

1GLOBAL’s supply chain will be more resilient and the overall ecosystem will have a risk reduction on potential down times. This certification reinforces 1GLOBAL’s commitment to providing a premium level of service to clients, even during hostile conditions.

Data Centre Certification

1GLOBAL's core systems and applications are hosted in several secure and certified data centres across the globe. These data centres are layered with operational and security controls, following all requirements for Tier 3 Certification.

Our data centres have been accredited under the most demanding and relevant security standards, such as ISO 27001, ISO 22301, SOC 1, SOC 2, SOC 3, PCI and FIPS 140-2. Additionally, 1GLOBAL has built private cages within the hosting data centres to further protect our customer's information, meeting the highest demands for physical security.

GDPR

(General Data Protection Regulation)

At 1GLOBAL we are committed to maintaining the privacy and security of the data we hold for you. 1GLOBAL takes complying with the General Data Protection Regulation (GDPR) seriously, so that your customers’ data is processed lawfully, fairly and in a transparent manner.