Apteco security overview
The Apteco security overview provides an understanding of our security practices and how we protect your data. Our goal is to give you confidence that your data is secure with Apteco and to demonstrate our commitment to maintaining a secure and trustworthy environment.
Internet-connected systems offer many benefits—location independence, wide access, and sharing—but have weaknesses that are vulnerable. Apteco software includes many features that can increase security and protect the data in your system.
Note
Many of the security features detailed here are subject to configuration controls. The security of a database depends on the precise configuration deployed for that database. Security threats evolve, and systems therefore require continuing monitoring to ensure standards are maintained.
- Architecture security—web service security features and database data protection
- Securing your system—practical steps to increase the security of your Apteco installation
Client confidentiality and Apteco employment contracts¶
Apteco employee contracts include clauses requiring client confidentiality to be maintained.
Secure software development lifecycle¶
Apteco follows best practices as part of our software development lifecycle, including:
- Annual in-depth dedicated penetration testing by independent security consultants
- Software Composition Analysis (SCA) scans of third-party source code libraries
- Static Application Security Testing (SAST) scans of source code
- Code reviews of all feature developments performed by skilled and knowledgeable developers
- Anti-Virus software running on all user systems, and against all builds of our software
- Vulnerability scans (PCI etc) run daily against a deployed system
- Security configuration and endpoint vulnerability continuous scanning of all user systems