As a “Software-as-a-Service” vendor for advanced supply chain solutions, Paradata recognizes the sensitive nature of the data collected from its customers and therefore takes every step to secure and maintain the confidentiality, integrity, and availability of our client’s private information. Paradata follows standards such as PCI-DSS, HIPAA, and NIST to secure your data. These include controls at the physical, network, application layer, and business controls including separation of roles, access control, and monitoring.
Paradata’s infrastructure is located in the Amazon Web Services cloud across multiple regions, which offers industry best security stands for physical protection, monitoring, and redundancy.
The BOM Advantage SaaS and Trusted Discovery Engine are implemented in an environment that provides:
- High availability data assurance, enabling one system to take over for another if there
- is a failure or the device needs to be replaced.
- Scalability assurance, enabling the systems to distribute load across multiple servers
- to ensure timeliness of response.
- Proactive monitoring of every aspect of our production operations with an on-call
- A 24x7 operations team to ensure timely resolution of issues.
- An audit-ready incident response process for all production interruptions, security incidents, and traceability at the feature to source code level for all production changes.
At the application layer, Paradata’s secure portal (over SSL) also includes detailed access control mechanisms and user management options:
- Private customer bill of materials [BOM] data and all publicly harvested and derived data that make up our Golden data set are stored in isolated systems.
- A role-based access control [RBAC] system with roles for admin, company owner, and users enforces privileges, which range from the ability to create user accounts and corporate configurations to strictly being able to view only specific data.
- All SaaS data access flows through an Access Control Matrix [ACM], which enforces site and privileged based access at the database layer.
If you have any further questions, please feel free to reach out to our Information Security Officer email@example.com