COMAsystem always recommends using 2FA for login or setting up Single Sign On (SSO) with your company’s Active Directory. This provides a better overview and easier management of which users have access.
You can always keep track of COMAsystem’s uptime at status.comasystem.dk.
We strive for an uptime above 99.99%
COMAsystem has several different redundant backup systems. Backup data is stored encrypted and geographically separated in Denmark only.
Penetration tests (pentests) are regularly performed by recognised specialists in the field. For example, pentests are performed by the “White Hat Hacker” from BDO.
Using pentests, we take an active stance on system security and the variable risks to which IT systems can be exposed.
Welcome to COMAsystem’s responsible disclosure policy. We take pride in maintaining the highest security standards for our service and customers. We actively encourage our users and security researchers to help us identify and fix potential vulnerabilities in our system.
We recognise the importance of security and appreciate all efforts to help us improve it. To maintain a clear and focused purpose in our responsible disclosure policy, we define the following attacks as out of scope:
DOS / DDOS: Attacks that aim to overload our systems or networks.
Spamming: Unsolicited mass mailing of data or content.
Social Engineering: Manipulation of individuals to reveal sensitive information or perform actions.
Physical attacks on equipment or people: Attacks on physical devices or individuals.
Already known vulnerabilities in non-applicable libraries: Vulnerabilities in third-party libraries that do not have a direct application in our service.
Attacks that require physical access to an employee’s devices: Attacks that can only be performed with direct access to an employee’s physical devices.
We encourage security researchers, users and anyone who discovers possible vulnerabilities in our system to report these to us in a responsible manner. This allows us to address potential threats before they can be exploited and improve security for all our users.
If you discover a potential vulnerability, we kindly ask you to:
We appreciate your help in making our service safer for everyone. Together, we can work towards protecting our systems and users from potential threats.
Intuitive CLM software for businesses looking to centralise and streamline contract workflows to save time, reduce costs and comply with GDPR
Rovsingsgade 68, DK-2100 Copenhagen Ø
[email protected]
(+45) 69 15 99 60
VAT-number. DK33865279
