Foleon Security Policies overview

Foleon is a software as a service (SAAS) organization that places information security at the core of its operations. The company has always protected data privacy for its customers and the increased attention on these topics is seen as beneficial for all parties. Foleon has implemented a formalized Information Security Management System (ISMS) to ensure the secure handling of sensitive information.

The company has documented procedures and policies, conducted regular checks and audits, assigned specific responsibilities to owners, and introduced a risk assessment procedure to continuously improve its information security controls. Being ISO 27001-compliant also helps Foleon comply with regulations such as GDPR and fulfill its obligations with clients and suppliers.

Joost Galama | CTO

Jeroen Bulters | Information Security Officer

Documents

Application security

Foleon offers a content creation and publishing platform. Users of Foleon can create publications (Foleon Docs) that are intended to replace the role that PDF documents fill in traditional internal and external company communications. Foleon offers a number of additional features in terms of controlling access to publications, performing analysis on document viewing/reading and offers an integrated publishing workflow.

More information

Web security

TLS 1.2 protocol, using 2048-bit RSA keys and AES encryption.
Sensitive cookies are set with secure and HTTPS-only flags for all Foleon platform services.
Special care is taken to prevent Cross-Site Scripting (XSS), Cross-Site Request Forgery (CSRF), and SQL Injection.