Skip to main content
Skip table of contents

How is our platform security audited?

Purpose

To define what a security audit is, and to outline how our platform is security audited.

More information

A security audit is an systematic evaluation of a company's information system to verify if it meets a set of established criteria.  Typically, an audit evaluates the physical, technical and software security practices of the system's physical configuration and environment. It examines the company's disaster recovery procedures. Finally, it assesses the company's user practices. 

As a SaaS (Software as a Service) company, any security audit must also verify the platform's stability and scalability and its software development practices. Three different types of security diagnostics are typically used:

  • security audit - measures a company's information system against a set of established criteria.

  • vulnerability assessment - seeks to highlight potential security weaknesses in the company's information system.

  • penetration assessment - a systematic covert evaluation, where the auditor attempts to attack the company's information system in order to highlight potential security weaknesses 

The key reasons that we conduct regular security audits on our information systems are:

  • To protect the data that is processed by Experlogix on behalf of you and your customers

  • To identify potential security risks, so we can fix them before they happen

  • To maintain high quality - in particular, to verify that the processes and procedures in place are carried out by our staff consistently and to a high standard

As a company, Experlogix are committed to providing you with a software platform that is as secure as possible.

Because of that, we have Technical and Organisational Standards that are followed by all employees. These standards cover our employees' practices (including code development procedures), physical security, the technical security of the platform and what we do in an disaster recovery scenario, These are reviewed and updated regularly to reflect the current business environment. Additionally, our platform is externally audited each quarter, which provides an independent audit of our software and processes. Currently, there are no critical known security issues.

Our platform runs on Amazon Web Services in a clustered, auto-scaling environment.  The current AWS Infrastructure provides a scalable model for the platform going forward into the future and has detailed performance and security monitoring running 24/7 to ensure smooth operation.

Our SLA mirrors the AWS SLA with an uptime target of 99.95%.

Key points

  • Our platform undergoes security audit regularly.

  • We have standards and processes in place that we follow to protect data that we process, to identify and fix potential security risks before they happen and to maintain high quality.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close