The safety of your account, your money, and your data is a top priority for us. As a financial institution, we take every necessary precaution to make Bondora’s online services secure, so you can have peace of mind knowing that your money and information are safe with us.
We recently received a couple of security-related questions at the 2022 Invest Finance Fair in Stuttgart. Knowing we have an invested community who likes staying informed, we decided to share those questions and answers here:
1. What happens if the Bondora office gets destroyed?
If disaster strikes and one of our offices gets destroyed, our everyday work will be slightly disrupted, but technically nothing will happen. We are a proudly digital company and keep no crucial documents and contracts on physical files. All our data is in our data center or cloud, so all the information we need remains safe.
Bondora’s online network and server infrastructure are hosted at Virtion GmbH, Germany. To maximize reliability, the primary center and the backup center are based in separate locations in Germany. Virtion is ISO 27001 certified, and Bondora´s network and server infrastructure is designed and built to be fully redundant. (Read more here.)
So even though we would need to work from home (everyone has company-issued laptops), with fewer face-to-face meetings, and it might be uncomfortable for a while, we can all work remotely, and Bondora will continue to operate smoothly.
2. What happens if our servers are destroyed?
If the servers are destroyed, our systems will be down for a limited time. Configuring the new site (network, servers, etc.) and restoring from off-site backup will take some time, but we will be able to restart our services within days with minimal or no loss of transactions.
We are considering duplicating/moving some of our systems into the cloud, making the destruction of servers almost impossible. But, if it should happen, then restarting our services will only take a couple of hours.
3. Do we make data backups?
Yes. We have hot and cold backups both on- and off-site, and we try to keep our database transaction backup window as small as possible.
4. What are our anti-hacker measures? What if someone hacks us? E.g., can someone inject some malicious code and get all the sensitive information or transfer all the money out?
There is always a risk of hacking, but we try to minimize both the risk and the impact.
- For risk – we use static code analysis and code reviews. We regularly ask our partners to perform penetration testing and do IT audits.
- For impact – we have set relevant bank limits, and we constantly monitor all suspicious activity in banks.
We are happy to say that we have not experienced any security breaches that negatively impacted our customers or our business. If something does occur in a rare event that directly impacts our customers, we will keep you informed and be as transparent as possible within legal requirements. (If there’s a criminal investigation, we might be obligated by law not to reveal certain information to the public).
As you can see, we have multiple procedures in place to ensure Bondora is a safe and secure platform that you can trust. Of course, practicing good online safety also remains a personal responsibility. We encourage all our customers to choose strong passwords, keep them private, and not re-use passwords for different accounts.