Security

Enterprise-grade security for industry leaders

When partnering with SPREAD, you can be assured of the highest security and privacy standards.


Compliance

Certified enterprise-grade security

Trusted Information Security Assessment Exchange

The Trusted Information Security Assessment Exchange (TISAX) is a standardized information security model for the automotive industry, created by the German Association of the Automotive Industry (VDA) and the European Network Exchange (ENX). TISAX assessments, conducted by accredited auditors, evaluate organizations' information security management systems (ISMS) based on the VDA Information Security Assessment (ISA) catalog, aligned with ISO/IEC 27001. Results are shared on the TISAX platform, allowing automotive supply chain participants to verify compliance.

ISO/IEC 27001 ISMS Certification

ISO/IEC 27001 is a global standard for managing information security, detailing requirements for establishing, maintaining, and improving an Information Security Management System (ISMS). Certification involves implementing security measures, undergoing audits, and ensuring continuous improvement. The certification attests that companies comply with best practices to secure various types of information, such as financial information, intellectual property, employee details, or any other information entrusted to them by third parties.

SOC 2 Type II

SOC 2 Type II is an auditing standard developed by the AICPA that evaluates how well a company implements and maintains controls related to security, availability, processing integrity, confidentiality, and privacy over a defined period. The assessment involves independent auditing of internal systems and processes, demonstrating ongoing operational effectiveness. Achieving SOC 2 Type II attests that a company consistently safeguards customer data according to rigorous trust service criteria.

 Ongoing – Completed by Q3 2025

General Data Protection Regulation (GDPR) Compliant

GDPR (General Data Protection Regulation) is an EU regulation protecting personal data and privacy of EU and EEA (European Economic Area) citizens. It sets strict rules for collecting, processing, storing, and transferring personal data and gives individuals more control over their data. Non-compliance can lead to hefty fines. At SPREAD, we comply fully with GDPR and regularly audit our processes to ensure ongoing compliance.

Hosting Options

Flexible hosting options that meet your needs

SPREAD Cloud

This is the simplest, most common, and most cost-effective way to use SPREAD’s products.

Client Cloud

SPREAD also offers a managed deployment in your own cloud environment.

Custom & On-Premise

This is perfect if you are looking for a tailor-made solution that fits your operations.

Security Measures

Ensuring that your data stays secure

State-of-the-art data encryption and separation with daily backups

Robust role-based access with secure single sign-on

Daily vulnerability scans and annual penetration testing

24/7 monitoring with automated alerts and dedicated security team

FAQ

How is the security of SPREAD products tested?

Does SPREAD have any rights to my data?

How is SPREAD protected against cyber attacks?

Which SPREAD deployment option is right for my business?

Can we use multi-factor authentication for sign-in to SPREAD?