Data Security & Protection at Phonexa is the highest priority. As a Phonexa customer, you will benefit from data center and network architecture built to meet the high requirements of the most security-sensitive organizations.
An advantage of the Phonexa platform is that it allows customers to scale while maintaining a secure environment. Customers pay only for the services they use and our security protections come at no added cost to your business.
High Level Security Infrastructure and Testing - all at NO cost.
Cloudflare’s enterprise-class web application firewall (WAF) protects your Internet property from common vulnerabilities like SQL injection attacks, cross-site scripting, and cross-site forgery requests with no changes to your existing infrastructure.
The GCP firewall lets you allow or deny traffic to and from your chosen internetconnecting devices. This firewall provides an impressive level of protection at the virtual networking level.
Cloudflare’s network capacity is 15x bigger than the largest DDoS attack ever recorded. With 15 Tbps of capacity, it can handle any modern distributed attack, including those targeting DNS infrastructure.
The Google Cloud Platform deploys detection systems, implements barriers, and absorbs DDoS attacks by preventing hackers from overwhelming or disabling access to your end users.
Since DDoS attackers use multiple hosts to launch a large-scale attack their targets, Phonexa’s sensitive Automated IP Ban System has been implemented to ban any and all IP addresses that pose even a remote threat to the system, mitigating all risks of a full blown DDoS attack.
Client-server communications have been heavily encrypted for maximum data security. Rest assured that all traffic passing between you and the Phonexa server will be protected by multiple layers of encrypted algorithms.
On top of the three powerful firewalls and DDoS prevention methods in place, we’ve also tamper-proofed our software to make it more resistant to attacks, resulting in the system becoming a smaller target for attackers overall.
Phonexa’s key personnel are Certified Information Privacy Professionals and possess an understanding of global concepts of privacy and data protection law and practice. The global industry standard for professionals in the field of privacy, CIPP helps organizations strengthen compliance and risk mitigation practices.
High Level Security Infrastucture and Testing - all at NO cost.
For added gateway protection, users go through a 3-step login process, including the initial password submission, one-time token authentication and a PIN passcode.
Keep the bad guys out, even if they steal your password through malicious software. Phonexa secures your account by requiring a mandatory second login step. Two-Factor Authentication protects against phishing, social engineering and password brute-force attacks and secures your logins from attackers exploiting weak or stolen credentials.
The ACL, or access control list, is a list of permissions attached to individual operations. Phonexa’s flexible ACL System allows for combinable user roles, an additional password layer for modules with sensitive data, and the ability to fine-tune system privileges on the individual user level.
Also known as brute-force cracking, this specific attack uses trial and error to decode encrypted data through extensive effort. To combat brute-force attacks, Phonexa’s system creates captcha for each login and automatically locks the account after a certain amount of failed login attempts, notifying the administrator of the activities.
The Payment Card Industry Data Security Standard is a set of policies and procedures intended to optimize the security of transactions and protect against the misuse of personal information. PCI DSS ensures a secure network, encryption of sensitive data including banking information and Social Security numbers, among other enforcement measures.
Phonexa's robust infrastructure is equipped with industry-leading security and high redundancy to ensure that your business will never be interrupted. Our scalable architecture was designed for high-volume operations. By continually monitoring and improving our applications, systems, and processes, we demonstrate our commitment to protecting your information. Phonexa's robust cloud platform ensures high uptime, instant recoveries, multi-site redundancy, and hardware-software interconnectivity. Meeting Global Compliance Standards Phonexa manages asset security by using cloud services that adhere to the following standards that are outlined by the Internal Organization for Standardization (ISO) and the International Electrotechincal Commission.
Phonexa has further strengthened its security and availability by receiving its SOC 2 Type 1 and 2 certification for 2021 from an independent auditor. The rigorous examination, evaluation and certification from the Security and Organization Controls shows that Phonexa’s systems and controls are powered to keep sensitive client data safe and secure under globally recognized standards.
The ISO/IEC 27001:2013 standard outlines requirements for establishing, enacting, maintaining, and bolstering Phonexa’s Information Security Management system. It also includes requirements for the assessment and treatment of information security threats.
The ISO/IEC 27001:2005 standard specifies the requirements for establishing, enacting, operating, guarding, maintaining and enhancing Phonexa’s Information Security Management system within the context of specific business risks. It also includes requirements for the implementation of our strict security controls. The ISO/IEC 27001:2005 standard was designed to ensure adequate and proportionate security controls that protect information assets and give confidence to those involved. The benefits of ISO/IEC 27001:2005 implementation include, but are not limited to:
CDSA - Content Delivery & Security Association
Data security is great to talk about, but it’s only as strong as its weakest link. That’s why at Phonexa we have a preventative security plan that utilizes internal vigilance and external partners. These steps prepare our application to face even the most severe cyberattacks.
With a team of Certified Information Privacy Professionals armed with years of experience in cyber security, Phonexa is well-positioned to guard against any and all hacker threats.
Feel secure with our multi-pronged security processes
The Phonexa team engages in weekly vulnerability assessments to make sure our application remains guarded against possible incursions. These preventative measures are conducted by our expert tech team, who stay continuously up-to-date on the latest cyber threats and defensive strategies.
Phonexa works with multiple external partners who perform critical penetration testing and other data security checks at specified intervals each year. By utilizing the expertise of established agencies like Trustwave and others, Phonexa reduces risk, protects data, and keeps our platform safe.
Phonexa has partnered with Rapid7, a global leader in cyber security. Rapid7 works with Phonexa to perform monthly web application security scanning, providing visibility into the Phonexa web application’s vulnerabilities.