Editor’s note: The following is a summary of a recent Gartner report on emerging technologies and featuring Digital Asset, produced by Gartner analysts Rajesh Kandaswamy, Balaji Abbabatulla, and...
Digital Asset Trust Center
Digital Asset understands and appreciates the importance
of security to our clients, which is reflected in how we
architect, design, develop, build and distribute our products
and services; and in how we protect our staff, our locations, our client’s confidential data, and our network and infrastructure.
Information Security Program
Our security team are active members of some of the most prominent security and privacy groups in the world: ISC2, ISACA, OWASP and IAPP, building on frameworks and guidelines provided by the Center for Internet Security, Cloud Security Alliance, International Standards Organization and the US National Institute of Standards and Technology for security, privacy, and global risk management.
Digital Asset has a full-time CISO and Security Team, who operate the InfoSec Program, covering all aspects of physical, logical, data, and technology security. All IT Security policies are reviewed and acknowledged by staff annually. Security training pumps through the arteries of the firm as foundational life-blood with regular, high-quality security awareness blogs and training distributed both internally and externally.
Data privacy & security
The privacy and security of data we collect about you or that you share with us, is very important to us. We use industry best practices to secure and protect the information and risk assess all service providers we use.
Industry-leading ISO27001 Certification signals Digital Asset’s ongoing commitment to security, risk management, and best practices for data management across the organization.
VIEW OUR CERTIFICATE >
As risk changes in our environment so do Digital Asset mitigation and remediation strategies, with department heads involved regularly every step of the way. Resources are focussed, or redirected as quickly and comprehensively as warranted. The Digital Asset Risk Committee meets regularly to review changes in business strategies, priorities, technology use and operating environment.
Our customers include large enterprises with strict regulatory and compliance requirements, many of whom are systemically important to their markets. The security of our products and services is paramount.
Daml is a platform for building multi-party applications. It extracts and simplifies business processes to make data accessible and optimizes workflows using smart contracts. Privacy and security provide the foundational guardrails for the Daml ledger model, offering secure transactions and privacy by design.
Secure by design
At every stage of design, Digital Asset injects the principles of secure product development into Daml. Each design phase is modeled on cutting-edge best practices, with security as a key ingredient. We work with our customers to understand any nuances of their requirements or environments.
Digital Asset has employed globally renowned experts who conceived the foundation for the language and ledger model, ensuring secure, private transactions. Independent, third-party security audit and examination confirm the process and procedures used and provide ongoing guidance.
Digital Asset constantly refines and redefines its Secure SDLC program to incorporate the latest security tooling and industry best practices. Our CI/CD pipelines include gated releases with mandatory peer reviews, restricted access to infrastructure, high security credentials and signing keys, ephemeral build nodes, vulnerability scanning, license checking, and change approval processes.
Resources, articles, and blogspots
Central bank digital currency (CBDC) exploration is entering a new phase, as multiple pilot programs explore different use cases within and across markets.About CBDCAs a digital form of central bank...
As distributed ledger technology (DLT) matures, the benefits become clearer on a broader range of use cases. Many of these applications are lower-profile than trading and can seem, frankly, sort of...