Skip to main content

IFS Trust Center

Explore how we deliver security, privacy and compliance

At IFS, your trust is important to us. Our commitment to trust is built into every hire, every employee appraisal, every process and every solution we deliver to our customers.

Trust, that as a market-leading, customer-led company, we strive not just to stay compliant with data and security regulations, but instead maintain high standards that help protect our company and our customers who rely upon us.

The IFS Trust Center is your hub for learning about how IFS approach information security, ensuring that our products are secure by design and by default, our services are delivered securely and your information protected at all times.


Cloud Production Service Availability

(rolling 90 day average)

Certifications & Audits

As a business that provides support and developmental growth for customers, we comply with all required legal and regulatory requirements relating to the operation of the company, as well as the delivery of our products and services to our customers.

Our information security practices are subject to external independent reviews. These reviews are conducted against internationally recognized security standards.

View our certifications fact sheet

View our Current Certifications

Security Built Through Trust

At IFS we set a high bar for our global security policies, standards and procedures. By using industry best practice security frameworks including ISO 27001, NIST 800-171, SSAE18/ISAE3402 to create and maintain our Information Security Management System (ISMS), we stay aligned with or even ahead of industry best practices. 

Read our Information Security Fact Sheet

IFS Heroes Community

Become our hero and join our growing community at IFS.

Customer Information Security

Whether our customers choose the IFS Cloud service, on-premise hosting or their own Cloud environment, they can be assured that our products have been developed to the best security standards. All IFS products are routinely tested throughout the development lifecycle in order to identity and address any potential vulnerabilities.

In accordance with our Secure Product Development Lifecycle (SPDLC), segregation of environments, formal change management, independent test and validation and tightly controlled release and distribution processes all help assure product security and integrity of our customer solutions.

Since security threats are constantly evolving, we continuously monitor for new vulnerabilities and ensure that our customers are notified without delay should action be required to mitigate any new risks.

Customer Security in the Cloud


For customers choosing our IFS Cloud service, IFS take care of routine security activities associated with the IFS products. Starting with a secure deployment environment, we perform day-to-day security housekeeping including backups, security patching and monitoring the solution 24x7.

Our Cloud service is hosted in Microsoft Azure, providing industry leading, enterprise-grade security with the added protection that each solution is single tenant, thereby holding it completely isolated from other customer solutions. In addition to providing an extra layer of security, this enables greater flexibility and control for our customers who are able to align routine maintenance and upgrade activities with their own business schedules.

Additional to the security testing performed throughout the product development lifecycle, IFS Cloud service customers have the benefit of knowing that their solution resides in an environment that has been extensively penetration tested by an independent security specialist organization.

Read our Cloud Security Fact Sheet

Keeping Your Data Private

We understand the importance of being transparent when it comes to the use of your data, including personal data. We maintain a global privacy programme and our global policies and process are compliant with applicable laws and regulations including the General Data Protection Regulation (GDPR).

Depending on the service we provide, we may act as a data processor, sub-processor or data controller. Each customer contract incorporates a data processing addendum which sets out clearly how we process personal data.

Our commitment to data privacy includes ongoing staff training, comprehensive privacy policies and procedures and an active compliance program overseen by our Global Privacy Officer. We keep up to date with the latest changes in data privacy laws and regulations and adapt our privacy program accordingly.