As a business, you want your goods, or your customers' goods, transported reliably and safely. Businesses go to great lengths to make sure goods are not lost or damaged on their way. But how secure and safe is your software, and how do you ensure the goods arrive as promised? The security of your software is just as important for your business as the security of your goods. Just as you do not want to lose any physical cargo, we do not want your data to be lost or handled in an insecure and unsafe way.
Security is one of the main priorities. We make sure that security is at its best in various ways:
All of our software is available in the cloud, which means that all our logistics software can be accessed through an internet browser. To work safely within a cloud-based environment, a secured connection is needed. The software of Adaption is secured by an encrypted connection, using an SSL certificate. This certificate is issued by GlobalSign. GlobalSign is one of the most reliable issuers of SSL certificates. The SSL certificates are used by companies like Ford, Toyota, Netflix, Microsoft and BBC.
Do you want to check the safety of our connection? Feel free to take a look at the website of SSL Labs.
Another safety measure we've undertaken is the implementation of APEX-SERT into our development and testing process. This tool was developed specifically to evaluate applications against several security risks and to identify any vulnerabilities. APEX-SERT is fully integrated into the application builder, the development tool we use to build our software. Many companies use APEX-SERT to evaluate software after it has been developed. We use it differently. APEX-SERT is part of our development process, and it checks every environment for possible threats every night. After the checks, we receive a status mail with issues regarding the security standards. If there are any issues, we immediately take action to fix them. To ensure the safety of our customers' software solution, we only release our software when the score is 100%. Our goal is to always maintain this percentage of excellence.
A super safe hosting environment
When goods are transported, it is easy to say in what kind of environment they are located. This can be a highly secured warehouse with a lot of security measures, but also a storage location on an isolated industrial area that anyone could get access to. Our software is hosted on our own server in a super safe hosting environment. It is located in a bunker at Schiphol; we call it "the Bunker". This bunker fully complies with European legislation and more.
Multiple internet connections and redundant firewalls make sure that there is connectivity with the outside world. The entire environment is based in the state-of-the-art data center of Equinix on the Amstel Business Parc. The servers are located in one of the best data centers of the Netherlands, TeleCity 4 – Amstel Business Parc, and the back-up is located in TeleCity 5. Both are located in Amsterdam. The locations are connected with a double 10GbE ring (20GbE throughput).
The data center takes care of the high availability of the environment (security, fire, power). This server environment is monitored continuously for potential threats. The facilities meet the international standards of ISO 9001:2008 for quality, OHSAS 18001:2007 for security, ISO/IEC 27001:2005 for information security and PCI-DSS chapter 9 for vulnerability.
It is almost impossible for someone to enter our hosting environment. All the spaces are conditioned and protected against fire, power loss and water damage. The server of Adaption runs on a virtual machine, which runs on shared hard drives in RAID. Because of this, we were able to create a fallback scenario of five minutes. If the server crashes, another server is up and running within five minutes.
Daily back-up database
A back-up of the data is made on a daily basis; this happens every night. All the back-up data is saved for 30 days. The back-ups are saved off-site in another secure area. By saving the back-ups off-site we are able to guarantee that your back-up data will never be lost.
Working in the Cloud has many advantages. One of them is that the software is available at all times, from any location and through every supported device. In some cases, however, it is not desirable that users have access to sensitive information from everywhere. It is possible to restrict each individual user to logging in only from a predefined list of IP addresses.
Minimal access to the servers
We use a proxy server which is set up in a way that prevents attacks like cross-site scripting. Cross-site scripting is a flaw in the security of a web application. This flaw is caused by incorrectly processed input. Such input can come from cookies, URL requests or parameters. All other web servers and databases are closed to the outside world. There is no other possibility to reach this data than through this proxy server.
Within the application many different roles can be defined. A role determines which pages, processes and reports are allowed to be executed. For example, you can define that your transport planner is not allowed to edit or see the invoicing area or the employee administration. Another option is that a certain user has the rights to see data, but not to edit the data. A user is able to have one or multiple roles.
All of the logistics software products of Adaption are Cloud solutions. To ensure that all your data is perfectly secured we use tenants. A tenant is a separate user environment which is specifically configured for the user. Do you have multiple departments or companies and do you want to make use of the same software? A leading tenant with various companies or departments configured under that tenant would be a possible solution. All the master data like scenarios will be shared, but for instance orders, quotations and invoices will be shown accordingly.
Two factor authentication
You can log in to all our software solutions in two ways: via username and password or via a two-phase login. The two-phase login is an addition to logging in via the username and password. After the first log-in step, the user will see a code on their smartphone. This must be entered by the user in the second login screen. For this method, we use the TOTP (Time-based One-Time Password) algorithm.