Security measures Archie CRM hosting environment

A Pen and Hack test is carried out annually by a specialized agency so that the most current security improvements can be implemented.

In January 2021, Archie received the certificate with a valuable mention:

“The IT security level of Archie CRM is currently above reasonable expectations for modern day web applications.”

A copy of the certificate is available on request via privacy@archie.nl.

Authorisation policy objective

The authorisation policy creates the framework for the access and use of data, applications and technical infrastructure through a package of standards and requirements and the related measures.

The objective of the authorisation policy is to ensure controlled access to, and use of, data, applications and technical infrastructure with regard to the Archie CRM hosting environment.

Access rights are registered. Service accounts and other security creations, apart from the personal logins, are registered in a secure database. Only specific employees have access to the secure database, vaults (via fingerprint), keys, etc. that hold information which can give access to customers’ cloud servers and/or data. Only a specific employee is authorised (whether or not on behalf of the security/privacy officer) to issue or create a user identification.

The organisation of information security and communication processes within Archie Europe bv

Archie Europe bv has an active information security policy. Archie Europe bv also has a security/privacy officer who promotes security awareness, checks the correct handling of personal data and takes measures that monitor compliance with the information security policy.

Employees

Employees of Archie Europe bv have signed a confidentiality agreement. The organisation also has a “Code of Ethics”, which is likewise signed by all employees. On the basis of the authorisation system, employees do not have access to more data than is strictly necessary for their position.

Access to data for which Archie Europe bv is responsible is granted only by the owner of the data, in a personal capacity. This also applies to third parties and employees of the Archie hosting team.

Physical security and continuity of resources

Personal data is only processed in an environment (the Archie CRM hosting environment) that is protected against external threats, on equipment and at a location where measures have been taken to physically secure it and to ensure the continuity of the service.

The Archie CRM hosting is installed in a colocation at NorthC Datacenters. The Archie hosting is secured by regulating internet traffic through a firewall. Physical security of the hardware is handled by NorthC Datacenters.

NorthC Datacenters is ISO 27001, 9001, 14001 and ISAE 3402 Type 2 certified. In addition, they have a PCI DSS, NEN7501 and AM-IX certificate. Physical access at NorthC Datacenters is only possible after registration by the specific employees of Archie Europe bv, and requires showing a valid ID and a biometric control of the relevant employee. This also applies to any hired third parties. The racks are also secured by combination locks. The code of these locks is known only to specifically designated employees.

Periodically, encrypted backups are made of the data in the Archie hosting environment for the sake of continuity of service. These backups are treated confidentially and stored in an environment that is both physically and virtually secure, at a different physical location. In addition, a secure failover environment is available at a third location.

Archie Security

The deployment of the AMEE layer (Archie Multi-Tier Environment Engine, intermediate-layer software) protects the Archie database on the SQL server, because Archie users never connect directly to the SQL server via the client. Communication with the database is handled via a registered SQL user (username and password as registered within the SQL server environment). The client-server traffic is encrypted according to the AES standard. The web traffic is encrypted by means of an SSL certificate.

Network and server security and maintenance

The network environment in which data is processed is strictly secured. Passwords are cryptographic measures applied and traffic flows are separated. In addition, measures have been implemented against abuse and attacks.

The security of the environment in which personal data is processed in Archie’s hosting environment is monitored.
