- Frequent security audits and penetration tests.
- All users have unique user accounts and unique passwords.
- No storage of passwords in plain text.
- Trading partners access data specific to only their transactions and hierarchical, user-based permissions.
- All administrative capabilities are limited.
- All events are audited and recorded.
- Server access restricted to only encrypted SSH sessions with a valid certificate. No remote password authentication. Firewall protection installed on entire network infrastructure.
- Automated provisioning on all servers. We bring new servers online in under 10 minutes, allowing us to quickly recover from faults or to expand capacity on the fly.
- Secure tunneled access to server infrastructure. Standardized data retention strategies.
- Industry standard SSL encryption.
- Secure 256-bit encrypted daily offsite backups for disaster recovery strategy.
- Modern, salted password encryption.
- Secure document storage using securely hashed names.
- No company data stored on USB devices.
- Background checks performed on all employees.