Built on an innovative architecture and the highest standard of security, Memority delivers trustworthy services to its customers.

Innovative architecture

A unique platform

Memority is a single platform with three offerings: My-Identity, My-Access and My-Keys. These three offerings share several services: data backend, cross-functional services, administration portal, functional portal, and so on.

Micro-service and cloud native

Memority was developed using a microservices approach, which allows each function to be handled by a specialized service. This architecture facilitates maintenance, operation, version updates and security.

Multi-tenant at application level

The Memority platform is a multi-tenant architecture. Multi-tenancy is managed at the micro-service level, not at the container level. Each micro-service works for all the client tenants deployed on the platform. Consequently, segregation between application tenants is carried out at application and data backend level.

Blue/green version update

Our development teams work in agile mode and are organized into feature teams. The platform is updated every three weeks. These updates are carried out by redeploying the microservices on a second architecture and switching between the old and new architectures.

Resilience

The Memority platform is systematically deployed in a region of one of our Cloud providers, which means that Memority is deployed across three datacenters, all operating in active mode, to offer maximum availability. As an option, we offer a DRP (Disaster Recovery Plan) in another region of the same Cloud provider.

Non-intrusive architecture

All Memority components are deployed in the Cloud. We do not deploy any components on our customers’ information systems. We are fully responsible for the availability and operation of the platform, thus avoiding a complicated RACI between supplier and customer.

Performance & SLAs

Thanks to its innovative architecture, Memority has been tested for up to 100 million identities within a single tenant, while providing service to other tenants on the same platform. The architecture is highly scalable, thanks to the dynamic addition of micro-service instances.

Hosting

Memority currently offers two Cloud providers:
• AWS for deployment in the Paris or Dublin regions
• S3NS for the Paris region. S3NS is the JV between Thales and Google. It provides a trusted cloud that will be SecNumCloud certified by 2025.

Custom architecture

Our customers are able to choose different architecture options:
• choice of Cloud provider: AWS or S3NS, or possibly GCP
• choice of region: Dublin, Paris, or possibly another region
• choice of shared or dedicated platform architecture
• choice of DRP or not
• choice of escalation to customer SOC.

Maximum security

Dedicated security team

Memority has a dedicated security team made up of a CISO and security experts.

Risk analysis

Memority has a dedicated risk analysis for its services. It is updated annually and whenever new technical or functional components are defined (and generally whenever the risk profile requires it).

Security by design

Memority is designed for end-to-end security, in line with DevSecOps best practices. From risk analysis to the implementation of mitigation actions, source code is subject to peer code review as well as automatic static (SAST) and dynamic (DAST) code review using tools included in our development software factory.

Security architecture

The Memority architecture is divided into specialized zones based on the principle of defense in depth. All the services required for such an architecture are in place: anti-DDoS system, firewall, web application firewall, etc. All operating systems are hardened according to the state of the art.

Encryption

All our servers are surface encrypted (data encrypted at rest). All data flows, both internal and external, are encrypted (data encrypted in transit).

SOC

Memority is supervised by the Thales SOC in real time to detect intrusion attempts and counter them if necessary. An automatic vulnerability scan is performed on a daily basis to compare the software versions used with known vulnerability databases.

Vulnerability management

Based on the vulnerabilities detected and the associated criticality, Memority carries out software updates (patches or version upgrades) within a constrained timeframe, while respecting the service provided to our customers.

Inventory and change management

All our assets are inventoried in our Configuration Management Database (CMDB). Each change is subject to impact measurement, and internal and external communication if necessary. All changes are tracked.

Identity and authorization management

Memority has implemented the principle of least privilege and the principle of segregation of duties. Account and clearance reviews are carried out quarterly. All access is protected by MFA.

Managing privileged accounts

Privileged accounts are nominative. Access after MFA authentication is via a VPN and through a bastion. The bastion records all administrator actions (both command-line and graphical).

Secret management

All Memority secrets linked to the platforms are stored in secure enclaves (HSM) to which access is strictly regulated.

Anti-DDoS

To avoid any risk of downtime, Memority is protected by specific anti-DDoS measures.

Crisis management

Memority has defined a crisis management plan, including in particular the specifics of cyber incidents, in order to keep customers and the relevant authorities informed and to implement remediation actions as efficiently as possible.

Audit

Two external audits are carried out each year to ensure continuous improvement.

Certifications and qualifications

Memority is in the process of obtaining ISO27001 / ISO 27701 certification (target date: second half of 2024). At the same time, the Memority security team is discussing with ANSSI the road to SecNumCloud SaaS qualification by 2025.

GDPR

Memority complies with the GDPR (General Data Protection Regulation) as a subcontractor. All processing is carried out by Memority solely at the request of customers.

Transparency

Our customers are authorized to audit their instances in accordance with Memority audit rules. We discuss with our customers and prospects the security measures in place and the improvements that could be made.