Data is the most important corporate asset: it contains the company’s know-how, experience, history and competitive advantage.

We give the highest priority to the protection of customer corporate data and develop ad-hoc backup and restore solutions:

• The retention policies required by your organisation and its work processes
• Remote setting-up of backup for sites in different geographical areas
• The preventive implementation of restore plans
• The most efficient compression and encryption methods
• The most suitable media (optical, magnetic, in cloud, etc.).
• Cyclical or permanent physical custody of backup media in a safe environment

We propose firewall architecture implemented on Linux distributions that are particularly secure and stable, ensuring a high level of protection of the network against intruders, unauthorised connections and various types of cyber attack.

The firewalls:

• Are extremely flexible and allow wide-ranging customisation options (policy, enabling/disabling of services etc.).
• Allow access to shared and profiled internet (through the assignment of specific policies for the types of corporate users) that is optimised and filtered (using proxy systems that authorise access to web resources in a timely and safe manner, adopting antivirus systems to protect navigation)
• Allow VPN (Virtual Private Network) configuration both in point -to-point (for connecting LANs in different locations) and telecommuter mode
• Allow consultation of advanced statistics on access to the Internet 

Through our Data Centre, we offer customers dedicated and cutting-edge content filtering for their e-mail in order to increase the level of security (antivirus) and to optimise the volumes and management (spam protection): the flow of incoming email is appropriately diverted and filtered by our systems, to then be routed, after spam and viruses have been eliminated, to client mail servers (within or external to the company), which are not burdened with additional verification activities.

The service involves whitelist, blacklist and greylist use and management, as well as the ability to handle specific exceptions at based on customer requests. 

We provide consultancy for defining, in agreement with the main company departments, a Business Continuity Plan to ensure the continuity of the company should force majeure events occur.
We identify the potential risks, the points of failure, the critical business processes, and work out a contingency plan that:

• Increases the responsiveness and adaptation by the organisation should large-scale events occur
• Ensures the company has the opportunity to continue its business activities in the event of the sudden unavailability of services, infrastructures and data
• Aids decision-making in the event of a crisis
• Minimises downtime
• Ensures the effectiveness of recovery processes

We define disaster recovery plans as part of a business continuity plan in order to ensure, through the adoption of appropriate technological measures and organizational processes, the continuation of the provision of IT services.
Disaster recovery involves the redundancy of production systems in a separate data centre (disaster recovery site) and automatic processes for data synchronization, in order to make the information systems of the primary site unusable should a force majeure event occur, and making the secondary site services accessible and usable within certain timescales, as well as minimising data loss. 

We provide consultancy for defining, in agreement with the main company departments, a Business Continuity Plan to ensure the continuity of the company should force majeure events occur.
We identify the potential risks, the points of failure, the critical business processes, and work out a contingency plan that:

• Increases the responsiveness and adaptation by the organisation should large-scale events occur
• Ensures the company has the opportunity to continue its business activities in the event of the sudden unavailability of services, infrastructures and data
• Aids decision-making in the event of a crisis
• Minimises downtime
• Ensures the effectiveness of recovery processes

We define disaster recovery plans as part of a business continuity plan in order to ensure, through the adoption of appropriate technological measures and organizational processes, the continuation of the provision of IT services.
Disaster recovery involves the redundancy of production systems in a separate data centre (disaster recovery site) and automatic processes for data synchronization, in order to make the information systems of the primary site unusable should a force majeure event occur, and making the secondary site services accessible and usable within certain timescales, as well as minimising data loss. 

Regarding compliance with regulations and standards, we provide consultancy support through the verification, definition and application of the following rules, regulations and best practices:

• Ue 2016/679 - General Data Protection Regulation (GDPR)
• Legislative Decree 231/ 01 – Regulations regarding the administrative responsibility of entities
• Legislative Decree 56/ 04 - Prevention of the use of the financial system for money-laundering
• ISO 27001 - Information Security Management
• PCI/DSS - Payment Card Industry Data Security Standard
• SOX - Sarbanes Oxley
• Solvency II

In a global context in which issues regarding privacy, breach of security and fraud are becoming increasingly important, we propose solutions that ensure companies and their employees, customers and suppliers may obtain easy but secure access to sensitive information from anywhere, at any time and from any device.

The advanced systems for identity authentication that are integrated with the customer’s information systems are scalable, dynamic, and secure, and they are a key component for secure access to company data and systems.

These systems provide access to sensitive company data only to authorised persons through the adoption of hybrid systems which require the use of certificates, OTP tokens (one-time passwords), information known to the user, in cloud information. 

In relation to the application of the new European regulation GDPR (General Data Protection Regulation - EU Regulation 2016/679), in force since May 25, 2018, the need for a rigorous tracking of digital identities becomes increasingly evident. The certification, through digital signature with legal validity, of the identity of the signer of a document is one of the tools whose application will have to be increasingly spread within public and private companies. For this reason Sinapto has chosen to become a partner of Aruba PEC S.p.A. and provide the remote digital signature service. Within the partnership Sinapto has achieved certification for operators O.D.R. (Registration Operator). The service can be integrated into all the software developed and supplied by Sinapto.