Benefit from Comprehensive, Multilayered SaaS Controls
apexanalytix specializes software as a service solutions for procure-to-pay, including our apexanalytix firststrike® controls and analytics and our apexportal® software for supplier information management. When you adopt our solutions, you benefit from a comprehensive program that protects the privacy, security and availability of your data – from the time it is transmitted and received to the time it is archived and stored.
Our multilevel protection plan ranges from a highly secure infrastructure to the most rigorous operating procedures and controls. We provide data center diversity, resilient systems, physical security controls, network security, transport security and comprehensive data encryption – protecting you end to end.
apexanalytix firststrike® software saves billions, every year, for procure-to-pay teams around the globe, who rely on its powerful software analytics to protect against overpayments, uncover and investigate fraud, analyze large data stores for new insights and more. Our apexportal® software is used for supplier onboarding and vetting, for ensuring global regulatory compliance and for continuously monitoring and improving your vendor master data.
When you adopt our software as a “software as a service” (SaaS) solution, you benefit from a comprehensive program that protects the privacy, security and availability of your data—from the time it is transmitted and received to the time it is archived and stored. The multilevel plan we’ve developed spans every available layer of protection, from a highly secure infrastructure to the most rigorous operating procedures and controls.
Security Practices and Controls
DATA CENTER DIVERSITY
- SSAE 18 SOC 2, Type II compliant production data center hosted by Quality Technology Services (Georgia)
RESILIENCE
- Fault-tolerant systems
- Fully redundant data center infrastructure (N+1)
- Four independent power feeds, generator backup
- Redundant cooling
- Diverse carrier hotel
- Fiber connectivity for business continuity
- Fire detection/suppression and alarms
PHYSICAL SECURITY CONTROLS
Building-wide protections
- 24×7 security guards
- Facility-wide CCTV monitoring
- Single point of entry
- Intrusion detection system
- Bollards to prevent breach
- Bullet-resistant exterior glass
- Fenced receiving area segregated by badge-reader access
- Guests preauthorized and under escort
Data center protections
- Triple access controls: RFID badge, fingerprint scan, iris scan
Server protections
- Private equipment cage
- Keyed access, controlled by on-site apexanalytix personnel
NETWORK/TRANSPORT SECURITY
- Cisco network switches, routers IPS and
- Managed file transfer system, with multiple secure protocols
- 56-bit TLS encryption
- Password-protected access to file transfer server
- Regular review of server security logs
- Managed File Transfer
APPLICATION SECURITY
- Role-based authorizations using Active Directory
- User ID/password authentication
- Single sign-on
- Password complexity requirements, 60-day password updates
- Comprehensive log of all log-in attempts and user activities
DATABASE SECURITY
- Encryption of Personally Identifiable Information (PII), bank account numbers and other sensitive data fields
- Data stored on SQL server, using Active Directory to restrict access to:
- Authorized customer contacts
- apexanalytix analyst responsible for processing customer data
DATA BACKUPS
- Fully automated server and database back-ups using Commvault
- Daily incremental backups
- Weekly full database backups
- Logged and stored in locked containers at Iron Mountain
- Accessible only by authorized apexanalytix personnel
MONITORING AND MANAGEMENT
- 24×7 monitoring of all server hardware and network components
- Real-time alerts of security events
- Centralized monitoring of system and network capacity for growth planning
COMPLIANCES
- SSAE 18 SOC 1, Type II, audited annually
- SSAE 18 SOC 2, Type II, audited annually
- HIPPA compliant
- GDPR compliant
DISASTER RECOVERY
- Multiple geographically separated data centers
