[{"data":1,"prerenderedAt":1351},["ShallowReactive",2],{"landing-1N9W7ihJHqg3zZ6HCe0M5f":3},{"metadata":4,"sys":9,"fields":29},{"tags":5,"concepts":6,"contentType":7,"slug":8},[],[],"landing","securite",{"space":10,"id":15,"type":16,"createdAt":17,"updatedAt":18,"environment":19,"publishedVersion":23,"revision":24,"contentType":25,"locale":28},{"sys":11},{"type":12,"linkType":13,"id":14},"Link","Space","b76knntgaaiu","1N9W7ihJHqg3zZ6HCe0M5f","Entry","2024-10-22T09:11:05.482Z","2026-05-11T02:14:22.895Z",{"sys":20},{"id":21,"type":12,"linkType":22},"master","Environment",38,8,{"sys":26},{"type":12,"linkType":27,"id":7},"ContentType","fr",{"titreContentful":30,"slug":8,"indexed":31,"navbar":31,"navbarCta":31,"ctaText":32,"ctaLink":33,"title":34,"description":35,"sectionsbanners":36},"Security page",true,"Démarrer maintenant","https://start.pennylane.com/","La sécurité chez Pennylane","Nous veillons à la confidentialité, l'intégrité et la disponibilité de vos données. Nos produits et opérations sont constamment améliorés découvrez comment",[37,82,102,236,253,463],{"metadata":38,"sys":42,"fields":55},{"tags":39,"concepts":40,"rootEntryIndex":41},[],[],0,{"space":43,"id":45,"type":16,"createdAt":46,"updatedAt":47,"environment":48,"publishedVersion":50,"revision":51,"contentType":52,"locale":28},{"sys":44},{"type":12,"linkType":13,"id":14},"2seKthWPQGwmpqdfR0sobl","2024-10-22T08:24:04.310Z","2025-08-29T13:14:22.254Z",{"sys":49},{"id":21,"type":12,"linkType":22},23,5,{"sys":53},{"type":12,"linkType":27,"id":54},"landingHeroTwo",{"contentfulTitle":56,"secondaryBackground":57,"backgroundShape":58,"title":59,"titleVariant":80,"subtitle":81},"hero /securite",false,"bg-shape-6",{"nodeType":60,"data":61,"content":62},"document",{},[63,72],{"nodeType":64,"data":65,"content":66},"heading-1",{},[67],{"nodeType":68,"value":69,"marks":70,"data":71},"text","Mieux comprendre \nnotre politique de sécurité",[],{},{"nodeType":73,"data":74,"content":75},"paragraph",{},[76],{"nodeType":68,"value":77,"marks":78,"data":79},"",[],{},"hero","Pennylane centralise en temps réel les flux financiers des entreprises, facilitant la collaboration dirigeants-cabinets. Nous assurons confidentialité, intégrité et disponibilité de vos données ainsi que celles de nos produits et opérations ",{"metadata":83,"sys":87,"fields":97},{"tags":84,"concepts":85,"rootEntryIndex":86},[],[],1,{"space":88,"id":90,"type":16,"createdAt":91,"updatedAt":91,"environment":92,"publishedVersion":51,"revision":86,"contentType":94,"locale":28},{"sys":89},{"type":12,"linkType":13,"id":14},"5YEBUKvTbxWYZwYVR92x9y","2024-07-23T18:35:04.340Z",{"sys":93},{"id":21,"type":12,"linkType":22},{"sys":95},{"type":12,"linkType":27,"id":96},"separator",{"contentfulTitle":98,"topColor":99,"bottomColor":100,"bottomVariant":101},"GREEN 110 > WHITE","bg-pl-green-100","bg-white","one",{"metadata":103,"sys":107,"fields":120},{"tags":104,"concepts":105,"rootEntryIndex":106},[],[],2,{"space":108,"id":110,"type":16,"createdAt":111,"updatedAt":112,"environment":113,"publishedVersion":115,"revision":116,"contentType":117,"locale":28},{"sys":109},{"type":12,"linkType":13,"id":14},"2IHJ0wOkArGtIMUtMNoOcB","2024-10-22T08:38:44.609Z","2025-11-13T15:52:28.661Z",{"sys":114},{"id":21,"type":12,"linkType":22},41,10,{"sys":118},{"type":12,"linkType":27,"id":119},"featureProps",{"contentfulName":121,"title":122,"subtitle":123,"background":31,"variant":124,"carrousel":57,"featurePropCards":125},"feature prop /securite","Découvrez nos pratiques en matière de sécurité","Nous concevons et améliorons nos produits et opérations selon six principes fondamentaux.","navigation",[126,145,164,183,202,219],{"metadata":127,"sys":130,"fields":142},{"tags":128,"concepts":129},[],[],{"space":131,"id":133,"type":16,"createdAt":134,"updatedAt":135,"environment":136,"publishedVersion":24,"revision":138,"contentType":139,"locale":28},{"sys":132},{"type":12,"linkType":13,"id":14},"bUPZ46roQK9oRpnztNfYW","2024-06-06T12:48:32.409Z","2025-11-13T15:47:59.493Z",{"sys":137},{"id":21,"type":12,"linkType":22},3,{"sys":140},{"type":12,"linkType":27,"id":141},"featurePropCard",{"cardTitle":143,"cardSubtitle":144},"ISO 27001","Nous sommes certifiés ISO 27001 : notre sécurité est à la fois encadrée et auditée chaque année par des experts indépendants.",{"metadata":146,"sys":149,"fields":161},{"tags":147,"concepts":148},[],[],{"space":150,"id":152,"type":16,"createdAt":153,"updatedAt":154,"environment":155,"publishedVersion":157,"revision":158,"contentType":159,"locale":28},{"sys":151},{"type":12,"linkType":13,"id":14},"72txwFevsIE8wF9Hrt1pGg","2024-06-06T12:48:27.718Z","2025-11-13T15:48:37.488Z",{"sys":156},{"id":21,"type":12,"linkType":22},9,4,{"sys":160},{"type":12,"linkType":27,"id":141},{"cardTitle":162,"cardSubtitle":163},"Sécurité des données","Nous assurons la sécurité des données grâce à des pratiques et mécanismes robustes d'autorisation, de chiffrement, de traçabilité, de sauvegarde et d'infrastructure résiliante.",{"metadata":165,"sys":168,"fields":180},{"tags":166,"concepts":167},[],[],{"space":169,"id":171,"type":16,"createdAt":172,"updatedAt":173,"environment":174,"publishedVersion":176,"revision":177,"contentType":178,"locale":28},{"sys":170},{"type":12,"linkType":13,"id":14},"2zsj6PsEWSGyaJmJVcAmnT","2023-12-22T12:19:43.528Z","2025-11-13T15:49:17.509Z",{"sys":175},{"id":21,"type":12,"linkType":22},27,6,{"sys":179},{"type":12,"linkType":27,"id":141},{"cardTitle":181,"cardSubtitle":182},"Contrôle des accès","Nous contrôlons tous les accès aux données des utilisateurs par les collaborateurs autorisés, en stricte proportion avec le besoin d'en connaître.",{"metadata":184,"sys":187,"fields":198},{"tags":185,"concepts":186},[],[],{"space":188,"id":190,"type":16,"createdAt":191,"updatedAt":192,"environment":193,"publishedVersion":195,"revision":157,"contentType":196,"locale":28},{"sys":189},{"type":12,"linkType":13,"id":14},"2vliyuZaketwbk56q2SX8h","2024-06-06T12:49:39.332Z","2025-11-13T15:52:11.817Z",{"sys":194},{"id":21,"type":12,"linkType":22},24,{"sys":197},{"type":12,"linkType":27,"id":141},{"cardTitle":199,"cardSubtitle":200,"cardLink":201},"RGPD","Tous nos traitements de données à caractère personnel sont conformes au Règlement Général sur la Protection des Données (RGPD). Accédez à notre Trust Center","legal-trust-center",{"metadata":203,"sys":206,"fields":216},{"tags":204,"concepts":205},[],[],{"space":207,"id":209,"type":16,"createdAt":210,"updatedAt":211,"environment":212,"publishedVersion":24,"revision":138,"contentType":214,"locale":28},{"sys":208},{"type":12,"linkType":13,"id":14},"4jxhjrOG5nHiicLTWbcvUt","2024-06-06T12:49:53.904Z","2025-11-13T15:49:44.012Z",{"sys":213},{"id":21,"type":12,"linkType":22},{"sys":215},{"type":12,"linkType":27,"id":141},{"cardTitle":217,"cardSubtitle":218},"Formation continue","Nous formons tous nos employés et partenaires aux meilleures pratiques de sécurité pour assurer la protection de vos données et celles de vos clients.",{"metadata":220,"sys":223,"fields":233},{"tags":221,"concepts":222},[],[],{"space":224,"id":226,"type":16,"createdAt":227,"updatedAt":228,"environment":229,"publishedVersion":51,"revision":106,"contentType":231,"locale":28},{"sys":225},{"type":12,"linkType":13,"id":14},"3mJ4lOryk29KM18qBTLHzW","2024-10-23T10:20:11.089Z","2025-11-13T15:51:17.746Z",{"sys":230},{"id":21,"type":12,"linkType":22},{"sys":232},{"type":12,"linkType":27,"id":141},{"cardTitle":234,"cardSubtitle":235},"Résilience opérationnelle","Nous assurons la sécurité et la qualité de notre résilience opérationnelle, grâce à une gestion efficace des incidents et un contrôle régulier de nos sous-traitants.",{"metadata":237,"sys":240,"fields":251},{"tags":238,"concepts":239,"rootEntryIndex":138},[],[],{"space":241,"id":243,"type":16,"createdAt":244,"updatedAt":245,"environment":246,"publishedVersion":248,"revision":157,"contentType":249,"locale":28},{"sys":242},{"type":12,"linkType":13,"id":14},"6NbHhT5nTlY2a3kZnEeAsr","2023-02-16T09:14:59.490Z","2026-04-23T08:05:26.460Z",{"sys":247},{"id":21,"type":12,"linkType":22},15,{"sys":250},{"type":12,"linkType":27,"id":96},{"contentfulTitle":252,"topColor":100,"bottomColor":99,"bottomVariant":101},"Brush 2 - White Top / Light Green Bottom",{"metadata":254,"sys":257,"fields":269},{"tags":255,"concepts":256,"rootEntryIndex":158},[],[],{"space":258,"id":260,"type":16,"createdAt":261,"updatedAt":262,"environment":263,"publishedVersion":265,"revision":24,"contentType":266,"locale":28},{"sys":259},{"type":12,"linkType":13,"id":14},"1Od5ZSlsRFsxqCIJ9t7Eph","2024-10-22T08:49:36.647Z","2026-04-10T15:43:18.157Z",{"sys":264},{"id":21,"type":12,"linkType":22},25,{"sys":267},{"type":12,"linkType":27,"id":268},"assetsList",{"contentfulTitle":270,"backgroundColor":100,"title":271,"assets":295},"asset list /securite",{"data":272,"content":273,"nodeType":60},{},[274,282,289],{"data":275,"content":276,"nodeType":281},{},[277],{"data":278,"marks":279,"value":280,"nodeType":68},{},[],"Nos ressources à télécharger sur la sécurité chez Pennylane","heading-2",{"data":283,"content":284,"nodeType":73},{},[285],{"data":286,"marks":287,"value":288,"nodeType":68},{},[],"Retrouvez toutes la documentation disponible pour mieux comprendre nos pratiques et leurs avantages, autant pour vos collaborateurs que vos clients.",{"data":290,"content":291,"nodeType":73},{},[292],{"data":293,"marks":294,"value":77,"nodeType":68},{},[],[296,342,383,424],{"metadata":297,"sys":300,"fields":313},{"tags":298,"concepts":299},[],[],{"space":301,"id":303,"type":16,"createdAt":304,"updatedAt":305,"environment":306,"publishedVersion":308,"revision":309,"contentType":310,"locale":28},{"sys":302},{"type":12,"linkType":13,"id":14},"1Sh7sOteVhPkm3Ujzl6WI4","2024-10-22T08:46:05.021Z","2026-05-11T02:07:26.952Z",{"sys":307},{"id":21,"type":12,"linkType":22},26,7,{"sys":311},{"type":12,"linkType":27,"id":312},"assetCard",{"contentfulTitle":314,"title":315,"image":316,"ctaText":340,"ctaLink":341},"Certification ISO27001","ISO 27001 : Pennylane est certifiée, sans exception à la norme, pour tous ses produits, opérations et sites.",{"metadata":317,"sys":320,"fields":329},{"tags":318,"concepts":319},[],[],{"space":321,"id":323,"type":324,"createdAt":325,"updatedAt":326,"environment":327,"publishedVersion":309,"revision":106,"locale":28},{"sys":322},{"type":12,"linkType":13,"id":14},"74gLyDbwyXxUMMyGJODnTW","Asset","2024-10-22T08:41:24.055Z","2026-04-10T15:36:32.720Z",{"sys":328},{"id":21,"type":12,"linkType":22},{"title":330,"description":77,"file":331},"certif iso27001",{"url":332,"details":333,"fileName":338,"contentType":339},"//images.ctfassets.net/b76knntgaaiu/74gLyDbwyXxUMMyGJODnTW/d8b73d33ae1efba39a891ae4fbc3da50/certif_iso27001.png",{"size":334,"image":335},172872,{"width":336,"height":337},445,454,"certif iso27001.png","image/png","Voir le certificat","https://assets.ctfassets.net/b76knntgaaiu/1ZoQOqZDrK32aeBHsQPrb6/49b971c8886615ebf3577371a182773a/Pennylane_ISO27001_certificate_FR_EN_2025.pdf",{"metadata":343,"sys":346,"fields":358},{"tags":344,"concepts":345},[],[],{"space":347,"id":349,"type":16,"createdAt":350,"updatedAt":351,"environment":352,"publishedVersion":354,"revision":355,"contentType":356,"locale":28},{"sys":348},{"type":12,"linkType":13,"id":14},"3bEgJbOVdrqqfyAR8SULAj","2024-10-22T08:48:08.392Z","2026-05-11T02:08:45.872Z",{"sys":353},{"id":21,"type":12,"linkType":22},36,11,{"sys":357},{"type":12,"linkType":27,"id":312},{"contentfulTitle":359,"title":360,"image":361,"ctaText":381,"ctaLink":382},"Guide sécurité /securite","Livre blanc sur la sécurité : tout sur garantir la confidentialité, l’intégrité et la disponibilité de vos données.",{"metadata":362,"sys":365,"fields":373},{"tags":363,"concepts":364},[],[],{"space":366,"id":368,"type":324,"createdAt":369,"updatedAt":370,"environment":371,"publishedVersion":177,"revision":106,"locale":28},{"sys":367},{"type":12,"linkType":13,"id":14},"5XgrdZxlyurTlpObkTaW6O","2024-10-22T08:47:02.659Z","2026-04-10T15:35:47.778Z",{"sys":372},{"id":21,"type":12,"linkType":22},{"title":374,"description":77,"file":375},"guide sur la sécurité",{"url":376,"details":377,"fileName":380,"contentType":339},"//images.ctfassets.net/b76knntgaaiu/5XgrdZxlyurTlpObkTaW6O/38d375c91f8cd070fd3c46bb144909ee/guide_sur_la_se_curite_.png",{"size":378,"image":379},212371,{"width":336,"height":337},"guide sur la sécurité.png","Je télécharge le livre blanc","https://assets.ctfassets.net/b76knntgaaiu/4OnsHFZJsRKrLXd6BWj1YO/21f9ff9eac2c224ce91846f34e0945df/Pennylane_-_Security_Whitepaper_v2.0.pdf",{"metadata":384,"sys":387,"fields":397},{"tags":385,"concepts":386},[],[],{"space":388,"id":390,"type":16,"createdAt":391,"updatedAt":392,"environment":393,"publishedVersion":195,"revision":24,"contentType":395,"locale":28},{"sys":389},{"type":12,"linkType":13,"id":14},"4saDTAYEnMqyM8f0uuuuZa","2024-10-22T08:49:30.049Z","2026-05-11T02:10:17.541Z",{"sys":394},{"id":21,"type":12,"linkType":22},{"sys":396},{"type":12,"linkType":27,"id":312},{"contentfulTitle":398,"title":399,"image":400,"ctaText":422,"ctaLink":423},"Incident response plan /securite"," Continuité : Pennylane s’engage à répondre rapidement et efficacement aux incidents.",{"metadata":401,"sys":404,"fields":412},{"tags":402,"concepts":403},[],[],{"space":405,"id":407,"type":324,"createdAt":408,"updatedAt":409,"environment":410,"publishedVersion":116,"revision":138,"locale":28},{"sys":406},{"type":12,"linkType":13,"id":14},"3QVGdCN19sFKPR5MUnOAZL","2024-12-16T11:08:10.966Z","2026-04-10T15:35:00.222Z",{"sys":411},{"id":21,"type":12,"linkType":22},{"title":413,"description":77,"file":414},"illu-secu-2",{"url":415,"details":416,"fileName":421,"contentType":339},"//images.ctfassets.net/b76knntgaaiu/3QVGdCN19sFKPR5MUnOAZL/264ff874bea90cfa5986f58771a9f3de/illu-secu-2.png",{"size":417,"image":418},1277302,{"width":419,"height":420},1400,1280,"illu-secu-2.png","Accéder au document","https://assets.ctfassets.net/b76knntgaaiu/7Y97y2SFCTKpwAaX1QhQf/bbee205a184e57b40deb2aabd2716fe8/Pennylane_-_Incident_response_plan.pdf",{"metadata":425,"sys":428,"fields":438},{"tags":426,"concepts":427},[],[],{"space":429,"id":431,"type":16,"createdAt":432,"updatedAt":433,"environment":434,"publishedVersion":23,"revision":309,"contentType":436,"locale":28},{"sys":430},{"type":12,"linkType":13,"id":14},"7DeUfMIiaMsNtbg3OJUwTu","2025-09-16T13:54:20.154Z","2026-05-11T02:11:17.834Z",{"sys":435},{"id":21,"type":12,"linkType":22},{"sys":437},{"type":12,"linkType":27,"id":312},{"contentfulTitle":439,"title":440,"image":441,"ctaText":381,"ctaLink":462},"Whitepaper AI","Livre blanc sur l'IA : sécurité et gestion des données au sein des fonctionnalités IA de Pennylane.",{"metadata":442,"sys":445,"fields":453},{"tags":443,"concepts":444},[],[],{"space":446,"id":448,"type":324,"createdAt":449,"updatedAt":450,"environment":451,"publishedVersion":309,"revision":106,"locale":28},{"sys":447},{"type":12,"linkType":13,"id":14},"5DQwe7UsHfBcQfqbBTiNvB","2024-06-10T14:04:34.787Z","2026-04-10T15:34:06.405Z",{"sys":452},{"id":21,"type":12,"linkType":22},{"title":454,"description":77,"file":455},"Pionniers mais intransigeants sur la sécurité des données",{"url":456,"details":457,"fileName":461,"contentType":339},"//images.ctfassets.net/b76knntgaaiu/5DQwe7UsHfBcQfqbBTiNvB/e71eba2f2c168b25644dc74235d2f8ec/Pionniers_mais_intransigeants_sur_la_se_curite__des_donne_es.png",{"size":458,"image":459},376781,{"width":460,"height":460},1200,"Pionniers mais intransigeants sur la sécurité des données.png","https://assets.ctfassets.net/b76knntgaaiu/5CZSj1aYg0nta9Vv0C6a7l/2574cf79e5b3d3c758b52e739855015b/Pennylane_-_AI_Whitepaper_v1.0.pdf",{"metadata":464,"sys":467,"fields":478},{"tags":465,"concepts":466,"rootEntryIndex":51},[],[],{"space":468,"id":470,"type":16,"createdAt":471,"updatedAt":472,"environment":473,"publishedVersion":50,"revision":51,"contentType":475,"locale":28},{"sys":469},{"type":12,"linkType":13,"id":14},"2VlIdm7viUn12sXdnsu8dY","2024-10-22T09:11:02.028Z","2025-09-10T14:19:44.958Z",{"sys":474},{"id":21,"type":12,"linkType":22},{"sys":476},{"type":12,"linkType":27,"id":477},"cardWithModalStructure",{"slug":479,"cards":480,"backgroundColor":1350},"securite-cards",[481,604,691,803,937,1040,1121,1209],{"metadata":482,"sys":485,"fields":497},{"tags":483,"concepts":484},[],[],{"space":486,"id":488,"type":16,"createdAt":489,"updatedAt":490,"environment":491,"publishedVersion":493,"revision":158,"contentType":494,"locale":28},{"sys":487},{"type":12,"linkType":13,"id":14},"49FxSnELgfBf5o9L4JtMHM","2024-10-23T08:36:46.006Z","2026-01-20T11:11:42.649Z",{"sys":492},{"id":21,"type":12,"linkType":22},21,{"sys":495},{"type":12,"linkType":27,"id":496},"cardWithModal",{"slug":498,"title":499,"subtitle":500,"text":501,"image":581,"extended":57,"reversed":57,"backgroundColor":603},"acces-aux-donnees","Accès aux données","Un contrôle robuste et audité",{"data":502,"content":503,"nodeType":60},{},[504,510,575],{"data":505,"content":506,"nodeType":73},{},[507],{"data":508,"marks":509,"value":77,"nodeType":68},{},[],{"data":511,"content":512,"nodeType":574},{},[513,524,534,544,554,564],{"data":514,"content":515,"nodeType":523},{},[516],{"data":517,"content":518,"nodeType":73},{},[519],{"data":520,"marks":521,"value":522,"nodeType":68},{},[],"Tous les utilisateurs de l'application Pennylane doivent s'authentifier par email et un mot de passe contrôlé par une politique de qualité stricte, avec un facteur d'authentification secondaire obligatoire différent (SMS ou notification push-app ou clef de sécurité externe). Les employés de Pennylane doivent utiliser le système d'authentification unique de l'entreprise, avec un second facteur d'authentification obligatoire. La connexion sur Pennylane est limitée à un nombre strict de tentatives avec des capacités de verrouillage, demandant la validation des employés de Pennylane pour lever le verrouillage de sécurité des comptes.","list-item",{"data":525,"content":526,"nodeType":523},{},[527],{"data":528,"content":529,"nodeType":73},{},[530],{"data":531,"marks":532,"value":533,"nodeType":68},{},[],"Les accès de tous les employés sont gérés de manière centralisée par une équipe dédiée, qui applique le principe du moindre privilège afin de garantir que chaque employé ne dispose que des droits nécessaires au succès de sa mission et uniquement pour sa durée. Des audits réguliers contrôlent l’efficacité de cette politique.",{"data":535,"content":536,"nodeType":523},{},[537],{"data":538,"content":539,"nodeType":73},{},[540],{"data":541,"marks":542,"value":543,"nodeType":68},{},[],"Les employés de Pennylane autorisés à accéder aux données des clients, uniquement à des fins de support ou de développement technique, doivent justifier de leurs raisons. Toutes les modifications de données sont enregistrées et font l'objet d'un audit régulier de conformité interne.",{"data":545,"content":546,"nodeType":523},{},[547],{"data":548,"content":549,"nodeType":73},{},[550],{"data":551,"marks":552,"value":553,"nodeType":68},{},[],"Un examen global de l'accès aux données, pour vérification par rapport à la matrice des rôles et des droits des utilisateurs, est effectué chaque mois dans le cadre du programme d'audit interne centralisé.",{"data":555,"content":556,"nodeType":523},{},[557],{"data":558,"content":559,"nodeType":73},{},[560],{"data":561,"marks":562,"value":563,"nodeType":68},{},[],"Pennylane offre une connexion sécurisée aux comptes bancaires des utilisateurs en utilisant plusieurs méthodes, adaptées aux spécificités de chaque banque : soit par le biais de OAuth2 (un moyen sûr et pratique pour les utilisateurs d'accorder l'accès aux applications tierces) ou par le biais des services de Bridge et Powens (conformes à l'ACPR/DSP2 et leaders reconnus dans le secteur de l'open-banking français).",{"data":565,"content":566,"nodeType":523},{},[567],{"data":568,"content":569,"nodeType":73},{},[570],{"data":571,"marks":572,"value":573,"nodeType":68},{},[],"Pennylane utilise également le protocole EBICS avec divers fournisseurs de services. EBICS (Electronic Banking Internet Communication Standard) est un standard de communication sécurisé basé sur Internet utilisé par les banques, offrant des niveaux élevés de sécurité et un contrôle d'accès approprié.","unordered-list",{"data":576,"content":577,"nodeType":73},{},[578],{"data":579,"marks":580,"value":77,"nodeType":68},{},[],{"metadata":582,"sys":585,"fields":593},{"tags":583,"concepts":584},[],[],{"space":586,"id":588,"type":324,"createdAt":589,"updatedAt":590,"environment":591,"publishedVersion":309,"revision":106,"locale":28},{"sys":587},{"type":12,"linkType":13,"id":14},"1ddYVG0HwXwi24Dqfm3Bir","2024-10-15T17:02:18.839Z","2026-01-20T11:11:55.861Z",{"sys":592},{"id":21,"type":12,"linkType":22},{"title":594,"description":77,"file":595},"Conformité RGPD",{"url":596,"details":597,"fileName":602,"contentType":339},"//images.ctfassets.net/b76knntgaaiu/1ddYVG0HwXwi24Dqfm3Bir/aa87b2e1d77a992b09207867feec14de/La_conformite__RGPD.png",{"size":598,"image":599},280941,{"width":600,"height":601},1128,680,"La conformité RGPD.png","green",{"metadata":605,"sys":608,"fields":619},{"tags":606,"concepts":607},[],[],{"space":609,"id":611,"type":16,"createdAt":612,"updatedAt":613,"environment":614,"publishedVersion":616,"revision":116,"contentType":617,"locale":28},{"sys":610},{"type":12,"linkType":13,"id":14},"67N4Vj5LVJYalKtVg7C1V5","2024-10-15T15:05:22.879Z","2026-04-10T15:49:23.622Z",{"sys":615},{"id":21,"type":12,"linkType":22},29,{"sys":618},{"type":12,"linkType":27,"id":496},{"slug":620,"title":621,"subtitle":622,"text":623,"image":671,"extended":57,"reversed":57,"backgroundColor":690},"chiffrement","Chiffrement","En transit et deux fois au repos",{"data":624,"content":625,"nodeType":60},{},[626,632,665],{"data":627,"content":628,"nodeType":73},{},[629],{"data":630,"marks":631,"value":77,"nodeType":68},{},[],{"data":633,"content":634,"nodeType":574},{},[635,645,655],{"data":636,"content":637,"nodeType":523},{},[638],{"data":639,"content":640,"nodeType":73},{},[641],{"data":642,"marks":643,"value":644,"nodeType":68},{},[],"Toutes les données sont chiffrées en transit TLS 1.2/1.3 avec HSTS et Perfect Forward Secrecy entièrement activé) et au repos AES-256-GCM et BCrypt).",{"data":646,"content":647,"nodeType":523},{},[648],{"data":649,"content":650,"nodeType":73},{},[651],{"data":652,"marks":653,"value":654,"nodeType":68},{},[],"En supplément, Pennylane chiffre une seconde fois les données les plus sensibles avant tout hébergement au repos. L'opportunité et la nécessité de ce chiffrement, pour les nouveaux documents comme pour les anciens, sont contrôlées chaque mois, dans le cadre du programme d'audit interne centralisé.",{"data":656,"content":657,"nodeType":523},{},[658],{"data":659,"content":660,"nodeType":73},{},[661],{"data":662,"marks":663,"value":664,"nodeType":68},{},[],"Tous les fichiers de l'application sont stockés chiffrés dans des environnements versionnés. L'accès aux fichiers se fait via un lien pré-signé sécurisé, généré par le mécanisme de permissions de l'application.",{"data":666,"content":667,"nodeType":73},{},[668],{"data":669,"marks":670,"value":77,"nodeType":68},{},[],{"metadata":672,"sys":675,"fields":683},{"tags":673,"concepts":674},[],[],{"space":676,"id":678,"type":324,"createdAt":679,"updatedAt":680,"environment":681,"publishedVersion":24,"revision":106,"locale":28},{"sys":677},{"type":12,"linkType":13,"id":14},"4MxyBLVS3HHAgfByZrMTWS","2024-10-15T15:03:12.331Z","2026-04-10T15:49:37.199Z",{"sys":682},{"id":21,"type":12,"linkType":22},{"title":621,"description":77,"file":684},{"url":685,"details":686,"fileName":689,"contentType":339},"//images.ctfassets.net/b76knntgaaiu/4MxyBLVS3HHAgfByZrMTWS/13cd3f4c85f2654a63f477862337bf31/Se_curite__bancaire__1_.png",{"size":687,"image":688},115215,{"width":600,"height":601},"Sécurité bancaire (1).png","picture",{"metadata":692,"sys":695,"fields":706},{"tags":693,"concepts":694},[],[],{"space":696,"id":698,"type":16,"createdAt":699,"updatedAt":700,"environment":701,"publishedVersion":703,"revision":177,"contentType":704,"locale":28},{"sys":697},{"type":12,"linkType":13,"id":14},"4PK2fHgpx1iUQPrViFWLMW","2024-10-22T09:05:08.841Z","2026-04-10T15:49:04.374Z",{"sys":702},{"id":21,"type":12,"linkType":22},22,{"sys":705},{"type":12,"linkType":27,"id":496},{"slug":707,"title":708,"subtitle":709,"text":710,"image":782,"extended":57,"reversed":57,"backgroundColor":690},"developpement-des-apps","Développement des apps","Contrôle de la qualité par les pairs et mises à jour automatiques",{"data":711,"content":712,"nodeType":60},{},[713,776],{"data":714,"content":715,"nodeType":574},{},[716,726,736,746,756,766],{"data":717,"content":718,"nodeType":523},{},[719],{"data":720,"content":721,"nodeType":73},{},[722],{"data":723,"marks":724,"value":725,"nodeType":68},{},[],"Tous les accès et modifications du code source sont strictement contrôlés par des procédures automatiques et revus par des pairs.",{"data":727,"content":728,"nodeType":523},{},[729],{"data":730,"content":731,"nodeType":73},{},[732],{"data":733,"marks":734,"value":735,"nodeType":68},{},[],"Toutes les clés des API de la plateforme Pennylane sont chiffrées. Les clés de chiffrement des APIs sont générées par le code de l'application, interdisant toute réutilisation et effectuant une rotation régulière. L'accès est limité au besoin d'en savoir par la mise en place d'une demande de justification obligatoire. Ces accès et toutes les actions qui en découlent sont enregistrés. L'autorisation d'accès est temporaire et fait l'objet d'une déconnexion automatique à la fin du même jour.",{"data":737,"content":738,"nodeType":523},{},[739],{"data":740,"content":741,"nodeType":73},{},[742],{"data":743,"marks":744,"value":745,"nodeType":68},{},[],"Les développeurs sont techniquement obligés d'exécuter des contrôles locaux, pour vérifier si le code mis à jour/ajouté est conforme aux règles en termes de sécurité, de performance et de couverture. Ces vérifications contiennent les meilleures pratiques du secteur, ainsi que des vérifications métier sur-mesure visant à détecter les comportements dangereux pour des classes de vulnérabilités spécifiques. En outre, un contrôle d'intégrité des paquets installés à distance et un contrôle du cryptage du disque du poste de travail du développeur font également partie des contrôles de sécurité.",{"data":747,"content":748,"nodeType":523},{},[749],{"data":750,"content":751,"nodeType":73},{},[752],{"data":753,"marks":754,"value":755,"nodeType":68},{},[],"Pennylane effectue, par le biais de l'intégration continue de tout nouveau code ou code modifié, une analyse statique approfondie afin de détecter et de bloquer tout style de codage dangereux ou toute utilisation de méthodes dangereuses, et demande si nécessaire la révision obligatoire d'un ingénieur de sécurité.",{"data":757,"content":758,"nodeType":523},{},[759],{"data":760,"content":761,"nodeType":73},{},[762],{"data":763,"marks":764,"value":765,"nodeType":68},{},[],"Les développeurs disposent d'une procédure formelle de développement, qui prévoit que les demandes de déploiement de code soient systématiques, examinées par des pairs, qu'elles passent les contrôles d'intégration continue et qu'elles soient exécutées sur des environnements dédiés, logiquement séparés de l’environnement de production.",{"data":767,"content":768,"nodeType":523},{},[769],{"data":770,"content":771,"nodeType":73},{},[772],{"data":773,"marks":774,"value":775,"nodeType":68},{},[],"Les dépendances externes des applications Pennylane sont automatiquement mises à jour par un programme dédié et régulièrement validées par les développeurs. Ce processus est continuellement audité par une équipe dédiée à la sécurité des applications.",{"data":777,"content":778,"nodeType":73},{},[779],{"data":780,"marks":781,"value":77,"nodeType":68},{},[],{"metadata":783,"sys":786,"fields":794},{"tags":784,"concepts":785},[],[],{"space":787,"id":789,"type":324,"createdAt":790,"updatedAt":791,"environment":792,"publishedVersion":116,"revision":138,"locale":28},{"sys":788},{"type":12,"linkType":13,"id":14},"7Fcg8wdVJgXGppd5DfiTSn","2024-10-16T09:41:43.252Z","2026-04-13T12:38:56.663Z",{"sys":793},{"id":21,"type":12,"linkType":22},{"title":795,"description":77,"file":796},"ACPR",{"url":797,"details":798,"fileName":802,"contentType":339},"//images.ctfassets.net/b76knntgaaiu/7Fcg8wdVJgXGppd5DfiTSn/23cf9b541a5a3e20b6086b9f7135156f/ACPR.png",{"size":799,"image":800},425937,{"width":801,"height":600},1260,"ACPR.png",{"metadata":804,"sys":807,"fields":818},{"tags":805,"concepts":806},[],[],{"space":808,"id":810,"type":16,"createdAt":811,"updatedAt":812,"environment":813,"publishedVersion":815,"revision":116,"contentType":816,"locale":28},{"sys":809},{"type":12,"linkType":13,"id":14},"5NxZgPO5Cz3k0eXjT9vgC","2024-10-15T15:33:55.776Z","2026-04-10T15:48:38.854Z",{"sys":814},{"id":21,"type":12,"linkType":22},28,{"sys":817},{"type":12,"linkType":27,"id":496},{"slug":819,"title":820,"subtitle":821,"text":822,"image":917,"extended":57,"reversed":57,"backgroundColor":690},"hebergement","Hébergement et sauvegardes","AWS en Irlande, disponibilité permanente et sauvegarde continue",{"data":823,"content":824,"nodeType":60},{},[825,911],{"data":826,"content":827,"nodeType":574},{},[828,838,848,858,901],{"data":829,"content":830,"nodeType":523},{},[831],{"data":832,"content":833,"nodeType":73},{},[834],{"data":835,"marks":836,"value":837,"nodeType":68},{},[],"Toutes les données, y compris les sauvegardes, sont stockées en Irlande par Amazon Web Services, dans le respect des normes ISO 27001 et SOC2, entre autres certifications.",{"data":839,"content":840,"nodeType":523},{},[841],{"data":842,"content":843,"nodeType":73},{},[844],{"data":845,"marks":846,"value":847,"nodeType":68},{},[],"Toutes les données sont continuellement répliquées en temps réel sur des serveurs AWS secondaires distants du primaire, avec un système automatique permettant de basculer en quelques secondes sur un nouveau serveur en cas de panne.",{"data":849,"content":850,"nodeType":523},{},[851],{"data":852,"content":853,"nodeType":73},{},[854],{"data":855,"marks":856,"value":857,"nodeType":68},{},[],"Toutes les données sont sauvegardées en permanence, ce qui permet de restaurer à tout moment des données datant d'au moins 5 minutes. Le temps de récupération d'une sauvegarde est de 1 heure. Le processus de récupération complète est vérifié deux fois par an pour en améliorer les performances.",{"data":859,"content":860,"nodeType":523},{},[861,868],{"data":862,"content":863,"nodeType":73},{},[864],{"data":865,"marks":866,"value":867,"nodeType":68},{},[],"Pennylane maintient un ensemble de plans de gestion des incidents documentés, avec des responsables et des procédures claires, en fonction de la gravité et de l'impact de l'incident, afin de garantir la performance de ses employés et de ses systèmes pour la continuité des activités : ",{"data":869,"content":870,"nodeType":574},{},[871,881,891],{"data":872,"content":873,"nodeType":523},{},[874],{"data":875,"content":876,"nodeType":73},{},[877],{"data":878,"marks":879,"value":880,"nodeType":68},{},[],"Information Security Incident and Fraud Management Procedure",{"data":882,"content":883,"nodeType":523},{},[884],{"data":885,"content":886,"nodeType":73},{},[887],{"data":888,"marks":889,"value":890,"nodeType":68},{},[],"Data Breach Response Procedure",{"data":892,"content":893,"nodeType":523},{},[894],{"data":895,"content":896,"nodeType":73},{},[897],{"data":898,"marks":899,"value":900,"nodeType":68},{},[],"Incident Response Plan PCA / PRA",{"data":902,"content":903,"nodeType":523},{},[904],{"data":905,"content":906,"nodeType":73},{},[907],{"data":908,"marks":909,"value":910,"nodeType":68},{},[],"Pennylane ne dépend d'aucun local physique pour la continuité de ses services, s'appuyant entièrement sur des fournisseurs de services de premier plan pour les serveurs, l'hébergement et la gestion de l'infrastructure, services offrant une extensibilité, une disponibilité des données, une sécurité et des performances de premier plan, ainsi que des plans de continuité des activités documentés.",{"data":912,"content":913,"nodeType":73},{},[914],{"data":915,"marks":916,"value":77,"nodeType":68},{},[],{"metadata":918,"sys":921,"fields":929},{"tags":919,"concepts":920},[],[],{"space":922,"id":924,"type":324,"createdAt":925,"updatedAt":926,"environment":927,"publishedVersion":309,"revision":106,"locale":28},{"sys":923},{"type":12,"linkType":13,"id":14},"61d6nGdd8QYZrzIFWTYPyQ","2024-10-15T15:35:08.386Z","2025-11-13T15:40:29.052Z",{"sys":928},{"id":21,"type":12,"linkType":22},{"title":930,"description":77,"file":931},"Hebergement",{"url":932,"details":933,"fileName":936,"contentType":339},"//images.ctfassets.net/b76knntgaaiu/61d6nGdd8QYZrzIFWTYPyQ/7e48551b7a8efa80de32bc39a3c0bf4d/Herberger_vos_donne_es.png",{"size":934,"image":935},587837,{"width":600,"height":601},"Herberger vos données.png",{"metadata":938,"sys":941,"fields":952},{"tags":939,"concepts":940},[],[],{"space":942,"id":944,"type":16,"createdAt":945,"updatedAt":946,"environment":947,"publishedVersion":949,"revision":51,"contentType":950,"locale":28},{"sys":943},{"type":12,"linkType":13,"id":14},"3TXYBkPK4X4dZU9bhgLKEB","2025-09-10T14:18:27.338Z","2026-04-10T15:48:05.317Z",{"sys":948},{"id":21,"type":12,"linkType":22},51,{"sys":951},{"type":12,"linkType":27,"id":496},{"slug":953,"title":954,"subtitle":955,"text":956,"image":1018,"extended":57,"reversed":57,"backgroundColor":690},"pdp","Hébergement de la Plateforme Agréée (ex-PDP)","3DS Outscale en France, hébergement qualifié SecNumCloud 3.2",{"data":957,"content":958,"nodeType":60},{},[959,1012],{"data":960,"content":961,"nodeType":574},{},[962,972,982,992,1002],{"data":963,"content":964,"nodeType":523},{},[965],{"data":966,"content":967,"nodeType":73},{},[968],{"data":969,"marks":970,"value":971,"nodeType":68},{},[],"Toutes les données liées au cadre de la facturation électronique (Plateforme Agréée, PA, ex-PDP, Plateforme de Dématérialisation Partenaire) en France sont hébergées sur l'infrastructure de Scalingo, s'appuyant sur leur hébergeur 3DS Outscale (filiale de Dassault Systèmes), certifié ISO 27001 et qualifié SecNumCloud 3.2, entre autres certifications.",{"data":973,"content":974,"nodeType":523},{},[975],{"data":976,"content":977,"nodeType":73},{},[978],{"data":979,"marks":980,"value":981,"nodeType":68},{},[],"Toutes les données et bases de données hébergées de la PA sont sauvegardées quotidiennement, les sauvegardes étant chiffrées au repos et stockées dans trois zones de disponibilité indépendantes au sein de la région certifiée SecNumCloud. ",{"data":983,"content":984,"nodeType":523},{},[985],{"data":986,"content":987,"nodeType":73},{},[988],{"data":989,"marks":990,"value":991,"nodeType":68},{},[],"La restauration à un instant précis (Point-in-Time Recovery, PITR) permet une restauration à n'importe quel point des 7 derniers jours, avec une perte de données maximale de 5 minutes. ",{"data":993,"content":994,"nodeType":523},{},[995],{"data":996,"content":997,"nodeType":73},{},[998],{"data":999,"marks":1000,"value":1001,"nodeType":68},{},[],"Les politiques de rétention garantissent la disponibilité de sauvegardes quotidiennes, hebdomadaires et mensuelles, et la restauration des sauvegardes est testée au moins deux fois par an (RTO : 1 heure). ",{"data":1003,"content":1004,"nodeType":523},{},[1005],{"data":1006,"content":1007,"nodeType":73},{},[1008],{"data":1009,"marks":1010,"value":1011,"nodeType":68},{},[],"Toutes les mesures de sauvegarde et de reprise après sinistre sont conformes aux exigences d'ANSSI SecNumCloud.",{"data":1013,"content":1014,"nodeType":73},{},[1015],{"data":1016,"marks":1017,"value":77,"nodeType":68},{},[],{"metadata":1019,"sys":1022,"fields":1030},{"tags":1020,"concepts":1021},[],[],{"space":1023,"id":1025,"type":324,"createdAt":1026,"updatedAt":1027,"environment":1028,"publishedVersion":309,"revision":106,"locale":28},{"sys":1024},{"type":12,"linkType":13,"id":14},"2zynN6HIFYuwO1WtQNoMiO","2025-02-04T14:40:25.907Z","2026-04-10T15:47:59.929Z",{"sys":1029},{"id":21,"type":12,"linkType":22},{"title":1031,"description":77,"file":1032},"PDP-Pennylane",{"url":1033,"details":1034,"fileName":1038,"contentType":1039},"//images.ctfassets.net/b76knntgaaiu/2zynN6HIFYuwO1WtQNoMiO/2df0fd0d7beb9b885e479da233039c8a/PDP-Pennylane.jpg",{"size":1035,"image":1036},1200685,{"width":1037,"height":1037},2200,"PDP-Pennylane.jpg","image/jpeg",{"metadata":1041,"sys":1044,"fields":1055},{"tags":1042,"concepts":1043},[],[],{"space":1045,"id":1047,"type":16,"createdAt":1048,"updatedAt":1049,"environment":1050,"publishedVersion":1052,"revision":158,"contentType":1053,"locale":28},{"sys":1046},{"type":12,"linkType":13,"id":14},"7nful3OTNoRNSOlc8Nt2cm","2024-10-22T09:05:54.672Z","2025-11-13T15:38:57.369Z",{"sys":1051},{"id":21,"type":12,"linkType":22},16,{"sys":1054},{"type":12,"linkType":27,"id":496},{"slug":1056,"title":1057,"subtitle":1058,"text":1059,"image":1101,"extended":57,"reversed":57,"backgroundColor":603},"audit","Audit","Contrôle annuel par des experts indépendants",{"data":1060,"content":1061,"nodeType":60},{},[1062,1095],{"data":1063,"content":1064,"nodeType":574},{},[1065,1075,1085],{"data":1066,"content":1067,"nodeType":523},{},[1068],{"data":1069,"content":1070,"nodeType":73},{},[1071],{"data":1072,"marks":1073,"value":1074,"nodeType":68},{},[],"Pennylane organise des audits continus et réguliers de ses Systèmes d'Information, automatiquement comme par des professionnels internes et indépendants, au moins une fois par an, dans le cadre du processus annuel de certification ISO 27001.",{"data":1076,"content":1077,"nodeType":523},{},[1078],{"data":1079,"content":1080,"nodeType":73},{},[1081],{"data":1082,"marks":1083,"value":1084,"nodeType":68},{},[],"Pennylane déploie des technologies automatisées pour offrir en interne une piste d'audit sur son infrastructure et ses applications, permettant le suivi des changements, la surveillance des bugs et des indisponibilités pour une amélioration continue de la couche logicielle.",{"data":1086,"content":1087,"nodeType":523},{},[1088],{"data":1089,"content":1090,"nodeType":73},{},[1091],{"data":1092,"marks":1093,"value":1094,"nodeType":68},{},[],"La sécurité de l'application Pennylane est régulièrement testée par des chercheurs en sécurité internes et indépendants contre les vulnérabilités et les bugs, au moins 2 fois par an.",{"data":1096,"content":1097,"nodeType":73},{},[1098],{"data":1099,"marks":1100,"value":77,"nodeType":68},{},[],{"metadata":1102,"sys":1105,"fields":1113},{"tags":1103,"concepts":1104},[],[],{"space":1106,"id":1108,"type":324,"createdAt":1109,"updatedAt":1110,"environment":1111,"publishedVersion":309,"revision":106,"locale":28},{"sys":1107},{"type":12,"linkType":13,"id":14},"2fHQWc3IzymJhNlfeUxhQf","2024-10-15T17:07:23.219Z","2025-11-13T15:38:43.492Z",{"sys":1112},{"id":21,"type":12,"linkType":22},{"title":1114,"description":77,"file":1115},"Rôle RGPD",{"url":1116,"details":1117,"fileName":1120,"contentType":339},"//images.ctfassets.net/b76knntgaaiu/2fHQWc3IzymJhNlfeUxhQf/ae08e42e13bd2f265a70522bb41ec4ef/Focus_sur_les_roles_rgpd.png",{"size":1118,"image":1119},691924,{"width":600,"height":601},"Focus sur les roles rgpd.png",{"metadata":1122,"sys":1125,"fields":1135},{"tags":1123,"concepts":1124},[],[],{"space":1126,"id":1128,"type":16,"createdAt":1129,"updatedAt":1130,"environment":1131,"publishedVersion":308,"revision":24,"contentType":1133,"locale":28},{"sys":1127},{"type":12,"linkType":13,"id":14},"1B53iArw0svz687Hpxgg7U","2024-10-15T15:37:52.765Z","2026-04-10T15:47:16.223Z",{"sys":1132},{"id":21,"type":12,"linkType":22},{"sys":1134},{"type":12,"linkType":27,"id":496},{"slug":1136,"title":1137,"subtitle":1138,"text":1139,"image":1188,"extended":57,"reversed":57,"backgroundColor":1208},"ransomware","Risque contre les ransomwares","Pennylane est capable de détecter une attaque, de l’analyser, et en cas de compromission partielle ou totale de données, de revenir à un état précédent et de supprimer tout artéfact de prise de contrôle.",{"data":1140,"content":1141,"nodeType":60},{},[1142,1149,1182],{"data":1143,"content":1144,"nodeType":73},{},[1145],{"data":1146,"marks":1147,"value":1148,"nodeType":68},{},[],"Pennylane est capable de détecter une attaque, de l’analyser, et en cas de compromission partielle ou totale de données, de revenir à un état précédent et de supprimer tout artéfact de prise de contrôle. Pour cela nous nous appuyons sur :",{"data":1150,"content":1151,"nodeType":574},{},[1152,1162,1172],{"data":1153,"content":1154,"nodeType":523},{},[1155],{"data":1156,"content":1157,"nodeType":73},{},[1158],{"data":1159,"marks":1160,"value":1161,"nodeType":68},{},[],"une sauvegarde continue des données (chiffrée, auditée, testée), ce qui permet de restaurer à tout moment des données datant d'au moins 15 minutes et d’au plus 30 jours. Le temps de récupération d'une sauvegarde est de 1 heure. Le processus de récupération complète est vérifié deux fois par an pour en améliorer les performances ;",{"data":1163,"content":1164,"nodeType":523},{},[1165],{"data":1166,"content":1167,"nodeType":73},{},[1168],{"data":1169,"marks":1170,"value":1171,"nodeType":68},{},[],"une Infrastructure as a Code (IaaC), permettant de redéployer l’infrastructure complète de l’application ;",{"data":1173,"content":1174,"nodeType":523},{},[1175],{"data":1176,"content":1177,"nodeType":73},{},[1178],{"data":1179,"marks":1180,"value":1181,"nodeType":68},{},[],"une redondance de l’hébergement dans 2 data center secondaires, séparés géographiquement du serveur principal, avec failover automatique en quelques secondes vers un serveur secondaire en cas d’incident.",{"data":1183,"content":1184,"nodeType":73},{},[1185],{"data":1186,"marks":1187,"value":77,"nodeType":68},{},[],{"metadata":1189,"sys":1192,"fields":1200},{"tags":1190,"concepts":1191},[],[],{"space":1193,"id":1195,"type":324,"createdAt":1196,"updatedAt":1197,"environment":1198,"publishedVersion":157,"revision":106,"locale":28},{"sys":1194},{"type":12,"linkType":13,"id":14},"4gonUpEfsZ03OVI5k4XBTD","2024-10-15T15:37:03.923Z","2026-04-10T15:47:06.186Z",{"sys":1199},{"id":21,"type":12,"linkType":22},{"title":1201,"description":77,"file":1202},"Ransomewares protection",{"url":1203,"details":1204,"fileName":1207,"contentType":339},"//images.ctfassets.net/b76knntgaaiu/4gonUpEfsZ03OVI5k4XBTD/adfdaf5f84bac2f078c5f91f9d380fd6/Se_curite__bancaire__3_.png",{"size":1205,"image":1206},375660,{"width":600,"height":601},"Sécurité bancaire (3).png","light-green",{"metadata":1210,"sys":1213,"fields":1224},{"tags":1211,"concepts":1212},[],[],{"space":1214,"id":1216,"type":16,"createdAt":1217,"updatedAt":1218,"environment":1219,"publishedVersion":1221,"revision":51,"contentType":1222,"locale":28},{"sys":1215},{"type":12,"linkType":13,"id":14},"7vLRiSBUu2GdiuzBmFVjaY","2024-10-22T09:08:32.669Z","2026-04-10T15:46:16.951Z",{"sys":1220},{"id":21,"type":12,"linkType":22},19,{"sys":1223},{"type":12,"linkType":27,"id":496},{"slug":1225,"title":1226,"subtitle":1227,"text":1228,"image":1330,"extended":57,"reversed":57,"backgroundColor":690},"securite-humaine-intenre","Sécurité humaine et interne","Formation continue, politiques centralisées et contrôle des fournisseurs",{"data":1229,"content":1230,"nodeType":60},{},[1231,1324],{"data":1232,"content":1233,"nodeType":574},{},[1234,1244,1254,1264,1274,1284,1294,1304,1314],{"data":1235,"content":1236,"nodeType":523},{},[1237],{"data":1238,"content":1239,"nodeType":73},{},[1240],{"data":1241,"marks":1242,"value":1243,"nodeType":68},{},[],"Pennylane dispose d'une équipe de sécurité dédiée et d'une équipe juridique dédiée, toutes deux référant au Comité Exécutif.",{"data":1245,"content":1246,"nodeType":523},{},[1247],{"data":1248,"content":1249,"nodeType":73},{},[1250],{"data":1251,"marks":1252,"value":1253,"nodeType":68},{},[],"Tous les collaborateurs sont formés au règlement interne sur la confidentialité et la sécurité au moins une fois par an, y compris sur les procédures de signalement des incidents de sécurité. Pennylane réalise en permanence des campagnes de phishing pour former tous les employés. Tous les employés sont tenus de travailler dans le cadre de clauses strictes de confidentialité et de non-divulgation.",{"data":1255,"content":1256,"nodeType":523},{},[1257],{"data":1258,"content":1259,"nodeType":73},{},[1260],{"data":1261,"marks":1262,"value":1263,"nodeType":68},{},[],"Tous les collaborateurs sont tenus de suivre un règlement interne global sur les règles et les meilleures pratiques quotidiennes en matière de sécurité et de confidentialité. Ce règlement prévoit notamment les règles de télétravail, d'utilisation des données, d'utilisation et d'acquisition de logiciels, de messagerie et de classification des informations, etc.",{"data":1265,"content":1266,"nodeType":523},{},[1267],{"data":1268,"content":1269,"nodeType":73},{},[1270],{"data":1271,"marks":1272,"value":1273,"nodeType":68},{},[],"L'accès aux locaux de Pennylane nécessite une identification individuelle 24/7/365, à une réception gardée au rez-de-chaussée, comme à chaque étage. Tous les visiteurs doivent s’enregistrer et être accompagnés en permanence. Les locaux sont surveillés 24/7/365 par un système de vidéosurveillance, avec des capacités d'alarme en dehors des heures d’ouverture.",{"data":1275,"content":1276,"nodeType":523},{},[1277],{"data":1278,"content":1279,"nodeType":73},{},[1280],{"data":1281,"marks":1282,"value":1283,"nodeType":68},{},[],"Tous les appareils sont administrés de manière centralisée par des politiques strictes garantissant le cryptage des disques, l'activation du pare-feu, le verrouillage automatique de l'écran, la qualité et la rotation des mots de passe, la protection contre les logiciels malveillants, les mises à jour, le verrouillage et l’effacement des appareils à distance.",{"data":1285,"content":1286,"nodeType":523},{},[1287],{"data":1288,"content":1289,"nodeType":73},{},[1290],{"data":1291,"marks":1292,"value":1293,"nodeType":68},{},[],"Tous les appareils utilisent un logiciel de détection et de réponse EDR, pour vérifier la conformité, contrer les logiciels malveillants, détecter et bloquer des menaces spécifiques.",{"data":1295,"content":1296,"nodeType":523},{},[1297],{"data":1298,"content":1299,"nodeType":73},{},[1300],{"data":1301,"marks":1302,"value":1303,"nodeType":68},{},[],"Tous les périphériques externes de stockage sont interdits et bloqués par défaut.",{"data":1305,"content":1306,"nodeType":523},{},[1307],{"data":1308,"content":1309,"nodeType":73},{},[1310],{"data":1311,"marks":1312,"value":1313,"nodeType":68},{},[],"Pennylane suit une procédure de validation des achats de tous les fournisseurs (outils logiciels, comme professionnels externes travaillant sur les données), incluant une validation conjointe obligatoire de sécurité, juridique et financière.",{"data":1315,"content":1316,"nodeType":523},{},[1317],{"data":1318,"content":1319,"nodeType":73},{},[1320],{"data":1321,"marks":1322,"value":1323,"nodeType":68},{},[],"Des dispositions contractuelles spécifiques, dans la mesure du possible, permettent à Pennylane de vérifier la continuité et l’efficacité des politiques et des contrôles de sécurité de ses fournisseurs, notamment en ce qui concerne la confidentialité, les accords de niveau de service, la réglementation interne et les mesures de sécurité, les évolutions légales, les obligations en matière de réglementation de la confidentialité des données.",{"data":1325,"content":1326,"nodeType":73},{},[1327],{"data":1328,"marks":1329,"value":77,"nodeType":68},{},[],{"metadata":1331,"sys":1334,"fields":1342},{"tags":1332,"concepts":1333},[],[],{"space":1335,"id":1337,"type":324,"createdAt":1338,"updatedAt":1339,"environment":1340,"publishedVersion":157,"revision":106,"locale":28},{"sys":1336},{"type":12,"linkType":13,"id":14},"5Wc3fB06HIlBr3RbnJ9pCQ","2024-10-22T09:08:22.533Z","2026-04-10T15:45:39.473Z",{"sys":1341},{"id":21,"type":12,"linkType":22},{"title":1343,"description":77,"file":1344},"Formation continue en interne pour la sécurité",{"url":1345,"details":1346,"fileName":1349,"contentType":339},"//images.ctfassets.net/b76knntgaaiu/5Wc3fB06HIlBr3RbnJ9pCQ/22c042c3b4e112af14813075e9524851/formation-continue.png",{"size":1347,"image":1348},110745,{"width":801,"height":600},"formation-continue.png","beige",1780085459277]