Our dedicated Information Management Security Team are supported internally by a team of experienced developers, software testers, Certified GDPR practitioners and our own Data Protection Officer as well as independent security experts and external penetration testing companies who continually monitor and help to improve security and protect your data.
networx have undergone the rigorous exercise to become ISO 27001:2017 certified.
This means that not only do we have the right processes and policies in place to manage security risks efficiently but clients and candidates can be confident that these processes and policies have been fully assessed and meet the high quality standards required to become certified.
The scope of our certification covers both our software and our services.Find out more
Data is held in the cloud by global hosting provider, Rackspace. They offer one of the most secure hosting services available and provide access to your data 24/7/365.
Their EU data centre is located in Heathrow, UK.
Rackspace constantly monitor our network traffic and notify us immediately by text and email to alert us of any suspicious activity/ anomalies via their active 24/7 monitoring and Alerts service.
Rackspace are also SOC-1 and ISO 27001 accredited.View Rackspace Certifications
We run multiple database servers.
Should a server have any kind of failure our infrastructure will automatically and seamlessly switch to another server to ensure there is no interruption to the service.
We perform daily backups which are retained for a two week period to allow us to recover data should the need arise.
Access to client data is assigned by Need.
Client user access is controlled according to each clients requirements. User access rights can only be changed following a request from authorised personnel.
We employ an independent provider to conduct regular Penetration Testing across our software. This is essentially a controlled form of hacking which allows us to identify any weaknesses before anyone else does.
Our software is fully penetration tested and validated on an annual basis by SEC-1.
Sec-1 uses a blend of methodologies taken from industry best practice standards such as the Open Source Security Testing Methodology Manual (OSSTMM), the Open Web Application Security Project (OWASP) and the Council of Registered Ethical Security Testers (CREST).
Independent penetration tests are run on an annual basis.
We also perform our own penetration tests using an automated tool provided by SEC-1 every month. Reliability and functional user testing is also incorporated.
All development work is handled internally within our technical team at our Head Office in Otley.
We run a formalised 3 monthly development cycle and all developments are subject to rigorous testing processes before being released.
Quarterly releases are planned within the preceding quarter providing a development window in most cases of a maximum 6 months. This is a conscious move to ensure the development programme is agile enough to deliver improvements suggested or requested by the client base and to deliver cutting edge functionality on a regular basis. This also includes bespoke client work/integrations.
Each quarter release is communicated via email to assigned users. This information is provided at least 2 weeks prior to the release date with full documentation available.
New system updates
For the vast majority of releases, the system update will not involve any interruption to the service. Where possible we try to ensure that new features require an activation so you have chance to adapt your internal procedures before accepting new functionality. Where this is not possible, plenty of notice will be given.
Wait... Not quite ready to book a demo but want to find out more?
Please leave your details and one of our team will contact you to discuss your requirements.