Elevate your cybersecurity with Sage. Understand how we secure software and its infrastructure against current cyber threats and how you can make the most of industry-leading cybersecurity knowledge and expertise.
Our security team keeps your data safe and secure so you can focus on achieving your business and technology goals.
Our dedicated security team ensures the confidentiality, integrity, and availability of your data and your customers'. Sage takes this responsibility seriously and tirelessly prioritizes product security.
Our security team is a force multiplier for your team and we have a shared mission to protect your data. We take care of securing our software, hosting infrastructure and combating cyberthreats - you look after your user accounts, 2FA and business processes.
We provide transparency about our security practices so you can understand how we protect your data.
The Sage Chief Information Security Officer (CISO) reports directly to the Sage board and spearheads our global security team. This team encompasses product security, architecture, governance, risk, compliance, security engineering, 24/7 operations, awareness, education, business continuity, and incident response. Moreover, every colleague plays a pivotal role in upholding security at Sage.
At Sage, we adhere to the 'least privilege' principle. Users are granted access solely to specific data, resources, and applications necessary for their tasks, ensuring tight control over our cloud environments.
Sage products are hosted on renowned public cloud platforms: Microsoft Azure and Amazon Web Services (AWS). By leveraging their top-tier security features, we ensure that Sage cloud software is accessible anytime, from anywhere.
Many Sage products employ TLS (Transport Layer Security) version 1.2 or higher. TLS encrypts data transmitted over the internet, and versions 1.2 and above are recognized for their security. If you're using a cloud service, ensure they utilize this version.
Absolute security is elusive. However, Sage employs a comprehensive set of technical controls, adopting a layered, defense-in-depth strategy. This is complemented by targeted awareness programs, advanced detection systems, and tools designed to identify malware-related traffic.