SkySparc Secures Majority Growth Investment to Accelerate and Drive AI-Powered Finance Transformation
Read more

Skysparc IT and information security

At SkySparc, we are committed across all areas of our operations and offerings to meeting the highest market standards in IT security, information security, and regulatory compliance including frameworks such as DORA, ESMA, and GDPR.
SkySparc has been an ISO 27001 certified organization since 2021. The certification is conducted by SBcert.

Our IT solutions are designed to meet stringent requirements for data integrity, confidentiality, and service availability. The foundational elements of our security architecture include:

  1. Redundancy
    All components are duplicated, and production is always distributed across multiple data centers with real-time mirrored data (synchronous redundancy), ensuring high availability.
  2. Professional Data Centers
    All production is hosted in certified data centers with security levels 2 or 3, in accordance with MSB - Swedish Civil Contingencies Agency.
  3. Data Residency
    All data is stored within Sweden or the EU to comply with regulatory requirements.
  4. Backup Strategy
    All backups are at least duplicated and physically separated from production environments.
  5. Advanced Security
    Market-leading security solutions are active across all layers, public services, networks, servers, and workstations. Monitoring is continuous (24/7/365) with an incident response team on standby.
  6. Access Control
    Administrative processes are based on a role-based model using personal accounts with minimal privileges. Privilege elevation is strictly controlled and monitored.
  7. Device Compliance
    Only approved workstations and tools that meet strict policy requirements are granted access to services.
  8. Authentication
    All authentication methods are based on at least two-factor authentication or higher.
  9. Penetration Testing
    Regular penetration tests and vulnerability assessments are conducted to continuously harden all system components.
  10. Ongoing Security Operations
    Security is embedded in daily operations, supported by IT and information security policies, incident management, risk assessments, and regularly tested and updated business continuity plans.
  11. Third-Party Audits
    Annual ISO 27001 audits include third-party reviews of production processes, organizational structure, systems, and documentation.