Top-notch Security

Robust security features protects your data—letting you focus on things that matter.

Convene Application Security

Application Security

Convene grants its users full system ownership—from managing user roles and devices to setting system and security preferences.

Learn More

Cloud Infrastructure and Network Security

Cloud Infrastructure and Network Security

Government-approved cloud hosting, cloud data segregation and availability, 24/7 Intrusion Detection System, 24/7 Intrusion Prevention System, and back-up and recovery.

Learn More

Convene Security Governance

Security Governance

Convene has defined security policies, a designated security team, GDPR-compliant data processing procedures, business continuity measures, incident detection mechanisms, vulnerability management procedures and personnel security.

Learn More

Certifications

  • CMMI Level 5 Company - 2024-03-12 | Azeus Convene
  • AICPA certified
  • ISO 27001 Certified Logo
  • ISO 27017 Certified Logo
  • ISO 27018 Certified Logo

A Testament to Our Dedication to Security

Satisfied clients including FTSE 100 companies, Fortune 500 companies, banks, and governments in over 100 countries worldwide trust Convene as their secure board portal and meeting solution.

London Metal Exchange

Convene really prioritizes their clients as when we requested, Convene offered us segregated clouds, with master passwords for our IT team. This meant that we could take full ownership of the cloud and take any action if required. From a confidentiality perspective, there is central control of Convene from the Company Secretarial team. With Convene, We have the ability to control people’s permissions on documents, and that user control in general is much better with Convene, where disabling a license is a quick one stop process.

Kye Pearson
Company Secretary, London Metal Exchange

Community Trade Union

Information security is very important to us because we deal with members and their personal data. Everybody has got their own passwords, and as a system admin on Convene, I have fine-grained access control so I can block certain users whenever required. We only use our members iPads which we’ve installed a security lock on, to ensure data protection.

Anthony Ansar
IT Manager, Community Trade Union

Leading companies choose Convene

Fidelity International Ltd.
Emaar Hospitality Group
Children and Family Court Advisory and Support Service
America First Credit Union
Security
Convene's Security Features

Security

Equipped with advanced security features and end-to-end encryption, Convene’s multi-layered approach offers users high levels of data protection, access control, availability, and application security.

User Accounts and System Security Preferences

Application Security

Convene grants its users full system ownership — from managing user roles and devices to setting system and security preferences. Whether used on a mobile device, tablet, or desktop, Convene and all meeting processes are secure from any threats or vulnerabilities.

  • User Accounts and System Security Preferences

    User Accounts and System Security Preferences

    • Account Management

      Account Management

      Easily add and remove users from the system, assign them as General Users or System Administrators, and divide them into groups for easier management.

    • User Logs and Activities

      User Logs and Activities

      Track application and Admin Portal activity such as logins, document access, meeting changes, and profile updates. Generate usage reports through Audit Trail.

    • Password Policies

      Password Policies

      Ensure account security with customized password policies and password expiration periods.

    • Session Timeout and Sign-In Retries

      Session Timeout and Sign-In Retries

      Set session timeouts and limit sign-in retries to prevent unauthorized access to Convene.

    • Role Based Access Control

      Role Based Access Control

      • User Roles
        Configure system settings, customize access rights, and manage user accounts based on User Roles (General User or System Administrator).
      • Meeting Roles
        Define and limit what meeting participants can do during Live Meetings and with the board material by assigning Meeting Roles.
  • Document Security and Digital Rights Management

    Document Security and Digital Rights Management (DRM)

    • Copy Restrictions

      Copy Restrictions

      Prevent the copying of document content to other applications so as to minimize exposure of user data.

    • Watermarks

      Watermarks

      Selectively add customizable watermarks to documents in order to discourage misuse of sensitive material.

    • Secure Document Signing

      Secure Document Signing

      To prevent signature fraud, Convene requires users to provide their credentials before signing with an E-Signature. Users can also set Convene to timestamp their signatures.

    • Scheduled Archival and Disposal

      Scheduled Archival and Disposal

      Schedule the archival and disposal of documents to avoid unauthorized access of files in specific Meetings, Review Rooms or Resolutions.

    • Multi-Level Encryption

      Multi-Level Encryption

      • Data at Rest
        Documents are protected with AES 256-bit encryption when stored in Convene’s local storage and web portal.
      • Data in Transit
        Wireless network transmissions to and from Convene are protected with RSA 2048-bit Transport Layer Security (TLS) encryption.
      • Key Management
        Documents are secured with the use of three-tier key management with a random document key, user key, and system key.
    • Document Access

      Document Access

      • Document Library
        Limit who can view, download or edit individual files or folders in the Document Library.
      • Meetings
        Assign Meeting Roles to limit who can view, download, forward, export, and print specific agenda items and documents from meetings.
      • Secure Agenda Contribution
        Meeting participants and organizers can be restricted from viewing classified or sensitive agenda items within a meeting.
  • Device Security

    Device Security

    • On-the-fly Decryption Model

      On-the-fly Decryption Model

      When a user needs to access encrypted files on storage, only the needed parts are decrypted into memory.

    • Jailbreak and Root Detection

      Jailbreak and Root Detection

      Convene is able to detect whether a mobile device has been jailbroken or rooted and will not run on these devices.

    • Measures to Secure Lost or Stolen Devices

      Measures to Secure Lost or Stolen Devices

      • Remote Data Wipe and Automatic Purge
        Remotely delete stored offline data downloaded to a device in case it is lost or stolen.
      • Re-Authentication
        In the case of lost or stolen devices, session timeouts render data inaccessible unless the device is re-authenticated.
  • Secure User Authentication

    Secure User Authentication

    • User ID and Password

      User ID and Password

      Convene only allows members with registered user accounts to log in to the system using their own unique password.

    • SAML Single Sign-On (SSO)

      SAML Single Sign-On (SSO)

      Eliminate the need to repeatedly type in passwords per login through a streamlined single sign-on process using SAML 2.0.

    • Biometric Authentication

      Biometric Authentication

      Do away with the inconvenience of typing login information with Touch ID or Face ID (iOS) or fingerprint scanning (Android) for mobile devices.

    • Active Directory Integration

      Active Directory Integration

      Through Active Directory (AD) integration, users no longer have to remember another set of credentials, while organizations can ensure that only registered users have access to Convene.

    • Multi-Factor Authentication

      Multi-Factor Authentication

      • One-time Pin (OTP)
        Receive and enter a one-time verification code, which is securely and instantly delivered to your registered mobile number, before logging in to Convene.
      • Device Registration
        Selectively restrict access to Convene to previously registered devices and/or browsers.
      • Time-Based One-Time Password (TOTP)
        Use the authenticator application of your choice to secure your Convene account.
Cloud Infrastructure and Network Security

Cloud Infrastructure and Network Security

Convene offers government-approved cloud hosting, cloud data segregation and availability, 24/7 Intrusion Detection System, 24/7 Intrusion Prevention System, and back-up and recovery.

  • Enterprise-Grade Cloud Hosting

    Enterprise-Grade Cloud Hosting

    Convene has partnered up with the leading provider of cloud services in the industry, Amazon Web Services (AWS), to guarantee that client data is protected on all levels.

    • Amazon Web Services (AWS)

      Amazon Web Services (AWS)

      • Capable of analysing billions of events and continuous streams of meta-data to detect, prevent and defer any form of cyber-attacks regardless of size
      • Ranks highly on platform configuration options, monitoring and policy features, security and reliability
      • Preferred choice of government institutions and multinational companies worldwide

      Convene cloud global infrastructure is located in ISO-certified (ISO 9001, 27001, 27017 and 27018) and AICPA (SOC 1/2/3) compliant hosting facilities worldwide which are audited under the SSAE-18 standards.

      • Asia (Singapore)
      • Australia (Sydney)
      • U.S. (North Virginia)
      • Canada (Montreal)
      • Europe (United Kingdom & Ireland)

      Each physical hosting facility is protected and monitored 24/7 by professional security staff, video surveillance, intrusion detection systems, two-factor authentication, and many more. Client data is protected by an additional security layer with AWS’ EBS Encryption and is also segmented and stored separately from each other to ensure that data does not leak or overlap.

  • Cloud Data Segregation

    Cloud Data Segregation

    Each Convene client has its own single-tenanted environment—with its own set of data schemas, protected with individual authentication credentials and completely unique keys—to ensure that data is separated from other organisations. All client environments are protected by security firewalls, with only specific ports and addresses allowed.

  • Cloud Data Availability

    Cloud Data Availability

    With AWS Cloud Hosting, Convene is able to store client data on multiple availability zones. Each availability zone is composed of at least one data centre with independent power and internet sources to make certain that no single point of failure and to provide high availability and durability at all times.

  • 24/7 Intrusion Detection System (IDS)

    24/7 Intrusion Detection System (IDS)

    The 24/7 Intrusion Detection System (IDS) monitors access logs for common malicious attack patterns and notifies the System Team of any suspicious activity.

  • 24/7 Intrusion Prevention System (IPS)

    24/7 Intrusion Prevention System (IPS)

    The Convene cloud infrastructure is protected with an Intrusion Prevention System (IPS) that scans traffic and blocks any suspicious traffic, including uploads containing malware. Uploaded files are automatically scanned by services provided by Trend Micro.

  • Back-up and Recovery

    Back-up and Recovery

    Daily automated backups are done to ensure data integrity, while unused or obsolete archives are destroyed and replaced to prevent unauthorised retrieval.

Security Governance

Security Governance

Convene has defined security policies, a designated security team, GDPR-compliant data processing procedures, business continuity measures, incident detection mechanisms, vulnerability management procedures and personnel security.

  • Defined Security Policies

    Defined Security Policies

    Convene has documented security policies and procedures in place to ensure the confidentiality, availability, and integrity of the system. All employees are trained and oriented to strictly adhere to these policies.

  • Designated Security Team

    Designated Security Team

    Under the supervision of the Azeus Chief Security Officer, Convene has a security team assigned who is responsible for ensuring staff compliance with security policies and procedures, protecting customer data, and regularly reviewing the effectiveness of security policies and procedures.

  • Data Processing

    Data Processing

    Convene’s data processing procedures are compliant with the GDPR and are overseen by a Data Protection Officer.

  • Business Continuity Measures

    Business Continuity Measures

    Convene’s Business Continuity Plan ensures that support services operate continuously in order to serve all customers at all times.

    • Daily Automated Backups*

      Daily Automated Backups*

      Customer data is automatically backed up daily to ensure system integrity.

    • Availability Zones and Data Redundancy*

      Availability Zones and Data Redundancy*

      Convene leverages AWS’ (Amazon Web Services) availability zones in its cloud infrastructure to restore services during disaster situations to ensure high reliability and availability. These data backups are copied to another AWS location within the same region and remain encrypted are stored using Amazon Web Services S3 (Simple Storage Service).

    • Disaster Recovery*

      Disaster Recovery*

      The Convene System Team conducts annual Disaster Recovery drills to test and improve the Disaster Recovery plan so that the Recovery Time Objective (RTO) and Recovery Point Objective (RPO) are met.

      *Security Measures are for Convene Cloud Environments only.

  • Incident Management

    Incident Management

    Monitored 24/7, Convene’s detection mechanism alerts the Support Team to any incidents that are then forwarded to the System Team for immediate resolution. Users can also report any incidents via chat, email or phone.

    *This Security Measure is for Convene Cloud Environments only.

  • Vulnerability Management

    Vulnerability Management

    Convene’s servers regularly undergo several security tests and are hardened following security benchmarks from the Center for Internet Security.

    • Internal Security Testing and External Penetration Testing*

      Internal Security Testing and External Penetration Testing*

      The Convene infrastructure is regularly tested and scanned for vulnerabilities by the Convene Systems Team, and is subjected to external penetration testing by independent third parties. Customers may also request for a copy of the results or perform their own security testing and pass their findings to Convene.

    • Application Development

      Application Development

      Convene was designed, developed, and tested for vulnerabilities against the Open Web Application Security Project (OWASP) Top 10 and Common Vulnerabilities and Exposures program. Convene’s System Team works with the Security Team to perform scans immediately after every major release and implement patch management procedures for critical vulnerabilities (Example: Spectre 2018).

    • AWS Vulnerability Scans

      AWS Vulnerability Scans*

      Using a variety of scanning tools, AWS performs regular vulnerability scans on the host operating system, web application, and databases in the AWS environment. The AWS security teams are subscribed to news feeds for applicable vendor flaws, and also proactively monitor the vendor’s website and other relevant outlets for new patches.

      *Security Measures are for Convene Cloud Environments only.

  • Personnel Security

    Personnel Security

    All Convene employees are subject to criminal background checks and are bound by an agreement to uphold the company’s privacy policy and protect the confidentiality of customer data.

    • Security Awareness Training

      Security Awareness Training

      New staff members are required to undergo a security awareness training that discusses common security attacks, social engineering tactics, detection and prevention of attacks, and procedure for reporting.

    • Role-specific Security Training

      Role-specific Security Training

      Convene developers and system engineers regularly undergo training so that they are updated on industry-standard security practices.

Keeping your data secure is our top priority

Learn how Convene can give your boards a superior meeting experience. Enquire for a free demo with no cost or obligation.

Book Demo Now