Integrated Management System
Qboxmail adopts an Integrated Management System to ensure
- The control and optimisation of business processes;
- The security of data and information;
- The provision of services according to appropriate quality standards;
- Business continuity;
- Continuous improvement;
The Integrated Management System for Quality and Information Security is a governance tool based on the principle of continuous improvement and the best-practices provided for by the relevant ISO international standards.
The following documents are currently only available in Italian. The English version will be available soon.
Our certifications
Quality – ISO 9001:2015
ISO 9001 certifies the optimisation of Qboxmail’s business processes aimed at continuous improvement of service delivery and customer satisfaction.
Certified processes
Design, software development and delivery of cloud-based email hosting, email delivery and email security services.
Date of issue of certification
June 8, 2023
Validity
June 8, 2023 – June 7, 2026
Download the certification
Information security – ISO 27001:2013
The ISO 27001 standard certifies the secure management of information and personal data. Qboxmail has adopted advanced controls by extending the ISO 27001 certification to ISO 27017 and ISO 27018 standards on security and privacy of cloud services.
Certified processes
Design, software development and delivery of cloud-based email hosting, email delivery and email security services.
Date of issue of certification
June 8, 2023
Validity
June 8, 2023 – June 7, 2026
Download the certification
Qualified Cloud Services for italian PA
Qboxmail Srl, a provider of email services in SaaS mode, has been qualified by ACN (National Cybersecurity Agency) as a Cloud Service Provider for Public Administration (PA). The qualification was obtained for both its Cloud Services and Cloud Services infrastructure.
Qualified services
The following products are present in the Qualified Cloud Services Catalogue for Public Administration (Cloud Marketplace):
- Qboxmail Email Hosting
- Qboxmail Email Delivery
Qualification Release Date
21 July 2023
Validity
12 months
Information Security
The relevant information security measures that Qboxmail implements and includes in the supply contract are specified below:
- Protection against malware;
- Backups;
- Cryptographic controls;
- Vulnerability management;
- Incident management;
- Technical compliance monitoring;
- Security testing;
- Auditing;
- Collection, maintenance and protection of evidence, including logs and audit trails;
- Protection of information in the event of termination of the service contract;
- Authentication and access control;
- Identity and access management;
Cloud-based data entrustment
Cloud-based data entrustment according to ISO 27017:2015 requires the verification of certain requirements for both the customer and the supplier.
Specifically, ISO/IEC 27017 provides Cloud-based guidance on 37 ISO/IEC 27002 controls, as well as seven new Cloud controls:
- Responsibilities and roles between the cloud service provider and the cloud customer;
- Removal and return of assets upon termination of a contract;
- Protection and separation of the virtual environment between clients;
- Robustness requirements of virtual machines to meet customer needs;
- Procedures and regulations for managing a cloud environment;
- Monitoring of customer activities within a cloud environment;
- Aligning security management for both virtual and physical networks;
Qboxmail, in accordance with ISO 27017:2015 guidelines, has set out precise requirements to be met, customers can contact us for details on how activities are managed.