Security, Hosting And Compliance

Emiko is operated as a secure cloud-based SaaS ecosystem for connected equipment, operational data, user access and digital services. Security is handled through a layered model covering identity, access control, hosting, backup, monitoring, supplier assurance and data processing review material.

Access And Administrative Control

Access to Emiko is controlled through roles, permissions and organisational scope. What a user can see and operate depends on the approved relationship, assigned role and granted access.

• Access can be limited by Emiko Organization, Emiko Site, equipment, service, time period or operating method.
• Administrative and operational access is restricted to authorised users.
• Relevant internal and administrative access can use two-factor or multi-factor protection where this is enforced.
• Internal administrative access is controlled through directory-based identity, restricted permissions and least-privilege principles.

Hosting Provider Assurance

Emiko is hosted in Curanet/team.blue Denmark infrastructure for the relevant Cloud Resource Pool environment. Curanet/team.blue Denmark provider assurance applies to the hosting and infrastructure provider scope for the relevant services.

• Curanet/team.blue Denmark operates an ISO/IEC 27001:2022 certified information security management system for relevant IaaS and infrastructure services.
• Curanet/team.blue Denmark provides ISAE 3000 and ISAE 3402 Type 2 assurance reports for relevant hosting, personal data processing and IT general control areas.

Layered Backup

Emiko uses a layered backup model for the relevant hosted environment. Detailed backup cadence, restore-point availability and Acronis storage location are described in Hosting, Backup And Restore.

Central Security Monitoring

Vikingegaarden uses centrally managed security tools, including ESET-based endpoint and server protection, to monitor protected systems, enforce security policies and respond to detected threats where relevant.

Documentation Available On Request

Further documentation can support onboarding, procurement, data processing review, NIS 2 supplier assessment or customer security review.

Detailed documentation may include hosting descriptions, supplier assurance documentation, backup descriptions, subprocessor information, data processing agreements, technical and organisational measures and security questionnaire responses.