Security

Storing your financial transactions is what we do – and we take protecting your valuable information very seriously. We continuously invest significant resources in state-of-the-art technologies to keep our security infrastructure updated. The following security measures have been taken to ensure your information is safe at all times:

Physical Security
Our application servers are located in a purpose-built facility with 24-hour video surveillance, physical security, backup electrical generators, and other back-up equipment required to keep servers continually up and running.

Perimeter Access/Defense
Our major network backbone includes three connections to separate network service providers. Network
perimeters are protected by custom-configured firewalls provided by leading security vendors. AlphaTenders
routinely tests all aspects of the network infrastructure to protect against threats.

User Authentication
Users access AlphaTenders’s cloud-based e-procurement software only with a valid username and password.
These are encrypted using a Secure Sockets Layer (SSL) protocol which provides a secure online channel for access.
User credentials are verified before access to the AlphaTenders database and application interface is granted.

Application Security
The application security model has been designed so that it is not possible for one AlphaTenders customer to access another customer’s data. This security model is applied to every data request and enforced for the entire duration of a user session.

Operating System Security
We enforce tight operating system security by using a minimal number of access points to all production servers. All operating system accounts are password-protected. All operating systems are maintained at each vendor’s recommended patch levels for security. All operating systems are further secured by disabling and/or removing any unnecessary users, protocols, and processes.

Database Security
Whenever possible, database access is controlled at the operating system and database connection-level for additional security. Access approval to production databases is limited to a number of points.

Server Management Security
All data entered into the AlphaTenders by a customer is owned by that customer. AlphaTenders employees and representatives do not have direct access to the AlphaTenders system, except where necessary for system management, maintenance, monitoring, and backups. AlphaTenders employees and representatives who have access to the production equipment must pass a rigorous background check.

Data Backup
AlphaTenders applications reside on clustered servers. All customer data is backed up every sixty minutes. Backup files are also transferred electronically to a disaster recovery location every 24 hours.

Disaster Recovery Plan
Our hosting facility has been designed to withstand many foreseeable catastrophic failures, such as power outages, contractor mishaps, fire, flood, and theft. Power is supplied by separate feeds entering from different sides of the building. It also has full UPS (uninterrupted power supply) and generator capabilities in case of a power outage.
In the unlikely event of a catastrophic site failure, AlphaTenders has a comprehensive recovery plan in place. Additional host equipment at a separate location is capable of performing all hosting functions in the case of such an emergency, with sufficient capacity for customers until such time as AlphaTenders’s applications can be restored at their original location or at a replacement hosting facility.

Summary
As a service provider, our aim is to deliver a best-of-class security infrastructure consisting of proven, cutting-edge technologies. AlphaTenders delivers the most comprehensive security solution available. This solution includes firewalls and encryption devices sourced from leading security vendors, configured by expert professionals, and rigorously tested.