Our SOC2 accreditation demonstrates the commitment from Temenos SaaS to create, implement and maintain security policies and practices that address and adhere to AICPA/SSAE18 SOC2 principles.
Cloud-native, cloud-agnostic, API-first core banking solutions offers rapid and elastic scale benefiting from the highest levels of security and multi-cloud resilience. Temenos offers the ONLY platform able to offer cloud to cloud deployments for increased resilience and regulatory compliance.
Secure Software Development
Temenos is committed to the protection of our clients. We build and deliver secure software solutions applying internationally recognized security methodologies and best practices throughout the software development lifecycle (SDLC) such as OWASP and SANS. Our teams undertake combinations of dynamic application security testing and manual penetration testing to identify and remedy potential security vulnerabilities in applications, products or enhancements. Rigorous security testing is performed on external-facing interfaces and API’s.
ISO/IEC 27001 Certification
The Temenos SaaS enhanced certification demonstrates our commitment to putting customers first and operating responsibly. It shows that we consistently provide products and services that meet our clients’ needs, that we address risk and satisfy statutory and regulatory requirements.
The Cloud Security Alliance Cloud Controls Matrix (CCM) is specifically designed to provide fundamental security principles to guide cloud vendors and to assist prospective cloud customers in assessing the overall security risk of a cloud provider.
Temenos continuously assesses and documents its responses to illustrate alignment and compliance with the Cloud Control Matrix.
Temenos SaaS assists banks in navigating highly complex regulatory environments. International Standards provide frameworks around which we can build our controls, ensuring that we align to industry best practice, and can support our clients through compliance with regulatory bodies including FFIEC, EBA, FCA BaFIN, APRA, OSFI and SMV.
The Temenos SaaS provision of services and supporting contractual documentation are in compliance with the General Data Protection Regulation (GDPR).
The Temenos team monitors external security vulnerability awareness sites. As part of the routine vulnerability management process, our security team evaluates exposure to these vulnerabilities and takes swift action as necessary.
Temenos SaaS maintains a comprehensive Business Continuity Process, with an annual review of the business impact assessment, periodically tested and reviewed to ensure they remain current and effective.
We constantly maintain vigilant security monitoring to prevent, detect and respond to vulnerabilities and security events.
Our cloud service environments are monitored by a range of security tools, both by Microsoft and Temenos. These provide defense-in-depth, ensuring that security is monitored and managed at multiple tiers of the architecture.
Temenos subscribes to an immutable architecture, for accurate logging and auditing in all system processes. Immutability provides a tamper-resistant hardening of comprehensive Identity and Access Management policies and procedures.