Trust Center

Security and Privacy Controls for your Apps and Data

Security – A Priority at Quixy

As a leading Business Process Management (BPM) and Application Platform-as-a-Service (aPaaS) provider, Quixy enables businesses to design, develop, deploy, and manage enterprise-grade applications. Security is the highest priority with a strict no-compromise policy being adhered to at each and every step. Starting with the choice of cloud infrastructure that hosts the platform, the platform per se, and the ready-to-use applications designed on the platform – all of these three crucial aspects necessarily meet the highest security standards.

At Quixy we make security a priority at every step right from code development to incident response through the three aspects as mentioned. Starting with detailed planning, sound architecture, and efficient operations, we put everything into providing a stable, innovative, and secure platform.

Security Operations

We have adopted a set of ISO / IEC 27001:2013 Information Security System controls that govern the complete product life cycles – software development, delivery, support, and other related operations.

To ensure the security, credibility, and availability of the Quixy Platform and customer data, combinations of preventive, protective, and reactive controls are in place.

These controls include:

  • Stringent restrictions on access to sensitive data, including multifactor authentication or certificate-based authentication for sensitive operations.
  • Thorough background checks of staff who are part of customer data operations.
  • Various levels of tracking, logging and reporting rates, including self-service tools are built into the Quixy Platform
  • A 24/7 incident security service working to minimize the consequences of attacks and malicious activity
  • A life cycle of software development that integrates security specifications into systems and applications across the phases of planning, design, implementation, and delivery.

Maximum Privacy

At Quixy, data privacy is everything. We understand that customers rely on us to ensure that the privacy of their information will be protected and that their data will be used in a way that is consistent with their expectations.

Our clients determine which data they submit as customer data to the Quixy Platform. Concerning such data, Quixy acts as a data processor and addresses the following privacy commitments:

Restricted Access

One of the stringent security measures we follow is that access to customer data by Quixy personnel is restricted. The data can only be accessed when necessary to facilitate the use of the Quixy application by the customer after specific authorization has been provided. In addition, stringent authentication, including the use of multifactor verification, only serves to limit access to approved staff. Personnel access is withdrawn as soon as it is no longer required.

Notification of lawful requests

When stored within the Quixy Cloud, our customers should monitor their data. Under no circumstance do we disclose customer data to law enforcement authorities unless as directed by a customer or where required by law. When governments make a lawful demand from Quixy for consumer data, we aspire to be driven by standards, restrained in what we report and adhere to transparency.

Aligned to compliances

Compliance plays a crucial role in our customers’ interest and performance. We are committed to complying with the laws and regulations which apply to us as we take our business forward worldwide. In addition, we use universal standards to meet our client’s expectations as an organization or in a collaborative effort

Coveted certifications

Quixy is ISO/ IEC 27001:2013 certified. This certification defines the criteria for the development, implementation, maintenance and continuous improvement of an information security management system and also provides specifications for the evaluation and treatment of information security risk relevant to our needs and that of our customers.

Our certifications are available for our customers upon request under NDA. Please send an email with your request to [email protected] or ask your Quixy Account Executive for a copy of the certificate.

FAQ

First published in September 2013, ISO 27001 is a specification for an information security management system (ISMS). An ISMS is a framework of policies and procedures that includes all legal, physical and technical controls involved in an organization’s information risk management processes.

According to its documentation, ISO 27001 was developed to “provide a model for establishing, implementing, operating, monitoring, reviewing, maintaining and improving an information security management system. ” Quixy considers security not to be optional, so therefore we aligned our vision on security along the three pillars of information security, better known as CIA, standing for Confidentiality, Integrity & Availability.

>

COVID-19 Update: A message from our Founder and CEO