Built for maximum Security & Compliance in the cloud.

Parashift was developed with a security-first approach to allow companies to process sensitive customer data in the cloud. That’s why banks, insurance companies and healthcare providers trust Parashift.

Talk to an InfoSec & Compliance expert
Product Security
Product Security

Infrastructure Security
Infrastructure Security

Organizational Security
Organizational Security

Data and Privacy
Data and Privacy

We're here to help with InfoSec & Compliance assessments.

We’ve helped 50+ companies on their journey to process documents in the secure Parashift cloud. We understand the concerns Enterprises have when they adopt cloud solutions and we know how to address them from the Information Security and Compliance perspective.

“Whether you specify your own assessment process or you need guidance from us, we provide active support for your risk assessment.”

Andy Isenring

Data center certifications

ISO 27017
ISO 27110
ISO 27018
Text: SOC 1/2/3
HIPAA
PCI DSS
CSA STAR
C5:2020

Product Security

Delete your documents and associated data without losing the training data.

Parashift has developed its own training data format that represents the training data, but no longer allows any conclusions to be drawn about the original data. For this reason, you can process documents that contain CID and learn from them in the long term without exposing the data to the cloud for an unnecessarily long time.

Restrict the IP range from which your tenant can be accessed using IP whitelisting. This prevents users outside your network infrastructure from logging on to Parashift.

Integrate your own OpenID-based identity provider to centralize identity management and provide a seamless user experience for authentication.

Parashift offers a wide range of authentification methods:

Password-based authentication
Users need at least one password to log in to their client. Parashift employees as well.

Multi-factor authentication
In addition, users can activate 2FA authentication. For Parashift employees, this access security is enforced. After the respective login, all users receive a bearer token.

API communication – HTTPS client authentication
Parashift uses HTTPS for all communication to help guarantee confidentiality,  authenticity, and integrity. It also enhances privacy for applications and users using the API. For APIs that support cross-origin request sharing (CORS) or JSONP  requests, it also ensures the requests are not blocked as mixed content.

HTTP basic authentication
Parashift webhooks can use HTTP but do not contain any sensitive information.

API access token
Integrations use API keys, which users can generate (and can rotate) themselves. Access tokens are suitable for applications where many users require access. They are secure and easy to work with from an end-user perspective.

Encryption by default, at rest, and in transit.

We encrypt data in transit between facilities and at rest to ensure that it can only be accessed by authorized roles and services with verified access to encryption keys.

Parashift is conducting an annual penetration test by a neutral company since product  launch in 2021 to identify corresponding vulnerabilities and take prophylactic measures.

The last official penetration test took place in July 2023. The report and the detailed evaluation will be handed out upon request. The penetration tests are performed in the first half of each year

Parashifts formal policies outline the requirements for the functions related to IT / Engineering: vulnerability management, system monitoring, security monitoring.

Infrastructure Security

Parashift uses an intrusion detection system to provide continuous monitoring of the company’s network and early detection of potential security breaches.

Parashifts platform IT operations are replicated to a secondary data center in real-time. Alerts are configured to notify administrators if replication fails.

Parashift restricts privileged access to encryption keys to authorized users who need emergency access as super admins.

Parashift restricts privileged access to networks to authorized users only who need emergency access as super admins. Software Engineers do not have access to client data.

Parashift uses a log management tool to identify events that could potentially impact the organization’s ability to meet its security objectives.

Firewalls are essential for several reasons: they block unauthorized access, enforce access control, detect and block suspicious activities, and provide an additional layer of defense against cyberattacks.

An intelligent backup mechanism is implemented to provide a fast desaster recovery procedure.

Organizational Security

The Business Continuity Policy of Parashift AG ensures the establishment of objectives, plans, and procedures to minimize disruptions to key business activities. It encompasses all infrastructure and data within the organization’s information security program and applies to management, employees, and suppliers. The policy emphasizes the importance of business risk assessment, disaster recovery planning, and data backup and restoration plans for maintaining business resilience.

Parashift’s hiring process involves a comprehensive 3-part assessment for new employees. This includes the submission of self-declaration/CV, a series of interviews conducted by at least 6 individuals, and a separate skill assessment. Reference calls and criminal record extracts are also part of the assessment.

Additionally, Parashift conducts annual assessments of its employees, including updated criminal record extracts and reiteration of bank-client confidentiality provisions. All employees undergo annual data privacy and protection training, which is logged and confirmed by the employee.

Risk analysis plays a critical role in Parashift’s operations as it allows the organization to identify and proactively manage potential issues that could impact its IT infrastructure. By conducting a thorough assessment, Parashift can identify various threats, including structural, technical, human, and natural threats, and estimate their potential risk exposure.

Based on the analysis, appropriate risk management procedures are implemented, including protective measures to reduce the likelihood of risks, mitigation measures to minimize the severity of disasters, recovery activities to restore systems and infrastructure, and contingency plans to guide actions in case of disruptive events or disasters. Through IT risk analysis, Parashift ensures the resilience and security of its IT environment.

  • A6.1 SAST backend: Evidence related to Static Application Security Testing (SAST) on the backend.
  • A6.1 SAST frontend: Evidence related to Static Application Security Testing (SAST) on the frontend.
  • Acceptable Use Policy – Roles and Responsibilities: Outlines roles and responsibilities for acceptable use of company resources.
  • Access Onboarding and Termination Policy: Guidelines for granting and revoking access during employee onboarding and termination.
  • Access Review Meetings: Evidence of access review meetings to ensure appropriate access privileges.
  • Approved Tools Policy: List of approved tools and software for employees’ use.
  • Asset Inventory Confluence: Management and documentation of company assets using Confluence.
  • Breach Policy: Procedures to be followed in the event of a security breach or incident.
  • Business Continuity Policy: Objectives and procedures to ensure minimal disruption to key business activities during emergencies.
  • Code of Conduct Policy: Expected standards of behavior and ethics for employees.
  • Data Classification Policy: Guidelines for classifying and protecting sensitive data.
  • Disaster Recovery Policy: Strategies and procedures for recovering IT systems and operations after a disaster.
  • Encryption Policy: Requirements and guidelines for encrypting sensitive data.
  • Information Security Policy: Principles and guidelines for information security management.

Data & Privacy

Parashift operates in full compliance with the EU General Data Protection Regulation (EU-GDPR), ensuring that all data processing activities adhere to the principles and requirements set forth by the regulation.

We prioritize the protection of personal data, respect individuals’ rights, implement appropriate security measures, conduct necessary assessments, and maintain documentation in accordance with the EU-DSGVO.

Our commitment to data privacy and protection enables us to provide a trustworthy and compliant environment for our customers and stakeholders.

Parashift maintains a Data Classification Policy to ensure the proper handling and protection of sensitive information. This policy outlines guidelines for categorizing data based on its level of confidentiality, allowing for appropriate security measures to be implemented.

By classifying data, Parashift can apply the necessary controls and safeguards, such as encryption or access restrictions, to protect sensitive information from unauthorized access or disclosure.

The Data Classification Policy reflects Parashift’s commitment to data privacy and security, helping to mitigate risks and maintain the confidentiality, integrity, and availability of valuable data assets.

Parashift requires all clients to sign Data Processing Agreements (DPAs) to ensure the protection and proper handling of personal data. These agreements outline the responsibilities, obligations, and safeguards for processing client data in accordance with applicable data protection laws, such as the EU General Data Protection Regulation (GDPR).

By requiring DPAs, Parashift establishes a clear understanding between the organization and its clients regarding the handling, security, and confidentiality of personal data. This commitment to data protection helps build trust and transparency in the client relationship, ensuring that personal data is processed in a compliant and secure manner.

Parashift has implemented additional procedures to ensure prompt and effective handling of Data Breach Notifications. In compliance with data protection regulations, such as the EU General Data Protection Regulation (GDPR), Parashift has established processes for detecting, assessing, and reporting data breaches.

These procedures enable the organization to respond quickly, notify the relevant authorities within the mandated timeframe, and take appropriate actions to mitigate the impact of the breach on individuals’ rights and freedoms. By having robust Data Breach Notification procedures in place, Parashift demonstrates its commitment to transparency, accountability, and the protection of personal data. So far no data breach has happened withing Parashift.

Parashift is equipped to assist with Data Transfer Agreements, ensuring the secure and lawful transfer of personal data. In accordance with data protection regulations, such as the EU General Data Protection Regulation (GDPR), Parashift understands the importance of safeguarding data when it is transferred outside the European Economic Area (EEA).

By providing guidance and expertise, Parashift helps clients navigate the complexities of cross-border data transfers. The organization helps assess the adequacy of data protection measures, implement appropriate safeguards, and establish legally binding agreements to protect personal data during international transfers. Parashift’s expertise in Data Transfer Agreements ensures compliance with regulations and promotes the secure exchange of data across borders.

Parashift pays meticulous attention to customer data deletion, prioritizing the secure and permanent removal of customer data from its systems. Recognizing the importance of data privacy and the rights of individuals, Parashift implements robust processes and controls to ensure the proper deletion of customer data upon request or at the end of the agreed retention period.

By adhering to data protection regulations, such as the EU General Data Protection Regulation (GDPR), – also in Non-EU countries – Parashift ensures that customer data is handled with utmost care and is promptly and securely deleted in compliance with legal requirements. This commitment to customer data deletion reflects Parashift’s dedication to data privacy and customer trust.