Doxim Security & Privacy
We understand the security requirements of your industry. Protecting your data is the #1 priority when we design and deliver our solutions and services.
At Doxim, we take our responsibility to protect our clients’ sensitive information very seriously. That’s why all Doxim’s SaaS solutions are housed in state-of-the-art data centers with built-in redundancy and high availability. Reduce your operational burden and hardware costs and ensure business continuity in the event of an emergency by selecting Doxim’s scalable, flexible SaaS-based solutions. You can focus on business growth, knowing we’ll take care of the rest.
Data Security & Data Centers
Doxim software and client data are safely housed in secure data centers. Systems and processes within these environments have been audited to verify redundancy, security, processing integrity, confidentiality, and privacy. Doxim maintains a robust disaster recovery program at all data centers.
In the US, our data centers are located in North Carolina, Arkansas, and Michigan. In Canada, our secure data centers are located in Ontario, and British Columbia. Your client data is stored in secure Doxim data centers within the country of origin. Data traffic is routed exclusively through your country as well, so your data does not cross borders.
Best Practices
We follow multiple procedures deemed as best practices in regulated industries working with sensitive information. These practices include:
- Network protection
- Secure data transmission
- Denial of service monitoring
- Penetration and vulnerability testing and patching
- Endpoint threat protection
- Application-level security
- Incident management procedures
- External testing
- Automated internal scans
- Continuous monitoring
- External audits
Certifications, Audits & Compliance
Doxim has regular certification audits to comply with standards including, but not limited to SOC 1 and SSAE16/CSAE (SOC 2). Doxim products also support KYC standards around Anti-Money Laundering and Anti-Terrorism.
Part of each major software release is a third party security audit for vulnerabilities within our applications. If any are found, we treat them as top priority and will fix them before we release to market.
Policies for Your Protection
Doxim implemented and sustains privacy and security-conscious policies that apply to all of its information handling practices. Every employee must follow Doxim’s code of conduct, sign a confidentiality and non-disclosure agreement as a condition of employment, and follow Doxim’s information security policy. We ensure Doxim has the appropriate people in place to create, manage and drive security, privacy, and training our personnel on best practices.
Our policies include:
- Code of Conduct
- Confidentiality Agreements
- Information Security Policy
- Privacy Policy
Business Continuity Management
Doxim’s business continuity plan enables incident preparedness and the response plans that focus on protecting and recovering core business operations. We have designed our business continuity plan to ensure resilience and an effective response that safeguards the interests of our customers, meets legislative requirements, and engages our team to coordinate activity and response efforts.
Change Management
Any change to the production environment in Doxim’s Data Centers and SaaS applications are performed within Doxim’s change management process. This process is audited as part of the SOC 1 Type II compliance and ensures changes are approved prior to implementation. All changes are scheduled within the change window.