Security and Compliance


We take our responsibility for the security of our client's data very seriously.

We understand how important security of your sensitive data is and ensure that all of your data is constantly secured and protected.


Physical Security

Fenorri uses AWS and Google Cloud for our hosting, and the security of the data centre is handled by Amazon and Google staff. Both Google and AWS have world-class standards for their data centre security. (Find out more information about AWS and Google Cloud security).


Operational Security

AWS has covered many certifications (HDS, HIPAA, ISO 27001, SOC 1, 2 and 3, etc. - click here to read more about AWS compliance). Google Cloud has also covered multiple certification (ISO 27001, ISO 27017, SOC 1/2/3, PCI DSS, HIPAA, etc. - click here to read more about Google Cloud compliance). Fenorri utilises documented change-management procedures, and access to user data is strictly limited. Fenorri staff must review our security policies and procedures on a regular basis, and agree to the policies listed within.


System and Software Security

Fenorri runs a hardened OS while applying critical security patches whenever required. Access to our servers is protected by strict security rules on an as-needed basis. No internet traffic is allowed to directly hit our servers. We utilise a WAF to mitigate against common attacks. An investigation is immediately performed in case of any unusual or suspicious behaviour.

We regularly test our solutions looking for security vulnerabilities. Fenorri software is kept up to date, and we employ multiple monitoring solutions to ensure the security of your data. We perform regular vulnerability assessments while fixing immediately any issues if found. Annual penetration tests are also performed to verify the security of Fenorri systems and software.


Employee Access

No Fenorri employees ever access client data, unless requested by the client either for support reasons or to provide any additional service (e.g. data migration, business process design, etc.). Fenorri support personnel may access your billing or contact information that you provide in Fenorri Customer Portal in order to provide you with the service, but they do not have any access to your corporate data (including all of your data that you manage in Fenorri, such as raw data, reports, business apps, your internal communication, corporate and user data, etc.).


Maintaining Security

We have full-time staff to help distinguish and prevent new attack vectors. New feature releases go through special testing and verification to identify any potential attacks, including XSS. We are taking great care about your security to ensure your data (raw data, reports, business apps, your internal communication, corporate and user data, etc.) are treated the way we would treat our own sensitive data.


Credit Cards

Our payment processing is handled by Stripe, PayPal or Holvi, which are PCI certified. We do not store any credit card information ourselves.


Contact Us

If you have any questions about our security and compliance, please contact us by email info@fenorri.com.

Would you like to get a beta invite?