Security and Architecture of the Youzer Platform

Accommodation & location

• The Youzer infrastructure is hosted on a secure private cloud, operated by French service providers (Kissgroup, OVH, Scaleway, etc.).
• Data and services are hosted in data centers located as close as possible to the customer's location (France, North America, etc.). This approach optimizes performance while complying with applicable local and regulatory data protection requirements.
• Production, pre-production, and testing environments are strictly separated to ensure service isolation, security, and stability.

SaaS architecture

• Youzer is based on a hybrid SaaS architecture, combining a multi-tenant model with dedicated tenants as needed.
• Multi-tenancy ensures load balancing and logical isolation of clients, while dedicated environments can be deployed for clients with high security or volume requirements.
• This approach allows for high scalability, ensuring performance and stability regardless of load variations between clients.

Availability & Resilience

• Youzer relies on a highly available infrastructure, supplemented by a separate disaster recovery infrastructure located more than 100 km away.
• This backup infrastructure is a clone of the production environment, continuously maintained and ready to be activated in less than 4 hours in the event of a major incident.
• Backups are performed every 12 hours and geo-replicated off-site to ensure data integrity.
• Regular tests to restore and activate the PRA are performed at least every two months to ensure service continuity and performance.

Digital Sovereignty

Data protection

• Sensitive data is encrypted at rest to ensure confidentiality in the event of unauthorized access.
• Data in transit is protected by hybrid encryption, combining symmetric and asymmetric keys.
• Regular backup and restore mechanisms are in place to ensure data integrity and availability in the event of an incident.

Access security

• Youzer applies strict internal access management based on the principle of least privilege and clearly defined roles.
• Authentication is centralized and secured by mandatory MFA, integrated with robust identity management mechanisms.
• All access and actions are tracked and logged, with a security-by-design approach integrated from the platform's inception.

Processes & governance

• Youzer has a formalized incident management process covering detection, analysis, remediation, and notification in accordance with regulatory requirements.
• Security patches are applied regularly and prioritized according to their criticality, with documented follow-up.
• Internal awareness is continuously raised through regular training and communication with employees.

Compliance & Regulatory Framework

• Youzer complies with the GDPR and acts as a processor, with contractual commitments strictly governing data protection.
• These commitments are formalized contractually in order to guarantee confidentiality, security, and the rights of the individuals concerned.
• Security audits and penetration tests (pentests) are conducted annually to assess and strengthen security levels.
• Youzer is committed to an ISO 27001 certification process, as part of its continuous improvement strategy.