Data Security

Rosslyn Analytics fully understands its responsibilities as a company that deals on a daily basis with your critical and valuable data. Therefore, security is of almost importance in our approach and strategy.

As a result, our web-based automated spend analytics platform, Rapidintel, is designed from the ground up with data security in the forefront of our thinking. We have taken great care to ensure that your data has the highest levels of protection available at all times.

This document outlines the varied and extensive methods that we currently employ to ensure the safety of your data. Please rest assured that our methods are reviewed on a regular basis to ensure that we are provide state of the art security on an on-going basis.

Confidentiality

Prior to any activity involving your data, Rosslyn Analytics will ensure that there is sufficient signed documentation in place to ensure confidentiality and protect you against the disclosure or misuse of your data. We can provide you with our standard non-disclosure agreements or are generally happy to work within an existing framework that you may already have in place.

Data Extraction

Rosslyn Analytics provides you with a suite of data extraction tools and templates, RA.Pid® Extract, to extract data from your Enterprise Resource Planning (ERP) systems such as SAP. All of our tools and techniques are installed on-site and any extraction is executed within your network and firewall set-up.

Once ready, data is typically transferred to Rosslyn using Secure File Transfer Protocol (SFTP). Regardless of the transfer method, no data is transported physically, electronically, or via any other file transport protocol without a minimum 128bit password protected encryption and written consent from the client.

Physical Data Security

Your data will be stored in its own database within Rosslyn Analyticss state-of-the-art server infrastructure. With 24x7 onsite security personnel, CCTV, steel-plated doors, restricted authorised access control and locking rack space, you can be sure that your data is well protected. Our data centre holds the following accreditations:

  • ISO9001 Worldwide Quality accreditation.
  • ISO27001 2005 Part 2 Information Security accreditation.
  • ISO 14001 - 2004 Environmental Management System accreditation.

Firewalls & Data Encryption

Each of the servers on which we store your data is protected by Fortigate 3600 firewalls and is configured with a limited set of open ports. The Fortigate 3600 Firewall delivers best-of-breed and award winning network-based antivirus firewall systems for real-time network protection, intrusion detection/prevention, VPN, and Web and email content filtering.

Additionally our software is developed to utilise multiple levels of encryption whilst handling your valuable data. Currently, these currently consist of the following:

  • Level 1 - Application Encryption. Application data is encrypted at source prior to sending requests to our secure servers.
  • Level 2 - SSL Secure Socket Layer through HTTPS. Applications use 128bit SSL encrypted connections to our secure servers.
  • Level 3 - SQL Server SSL Encryption. SQL Server SSL encryption is enabled to further encrypt data transfer between servers and applications.