Security

We design from the ground up for state-of-the-art information security. Our robust infrastructure, sophisticated application, and strong encryption ensure the highest levels of security for your documents and data.

We take every reasonable and practical step to protect you and your data. All communications on the site, and all documents sent through Sfax, are encrypted with full 256-bit TLS security and AES algorithms. Your documents and data are password protected, and no one can access your data unless you grant them permission.

All passwords and sensitive account data are encrypted with RSA keys and other techniques. Our servers are housed in state-of-the-art SSAE16 SOC2 secured facilities with redundant hardware, power and Internet connectivity.

Sfax is 100% dedicated to making your transactions safe, secure and worry free.

Data Center Security

  • Physical access limited to our own data center technicians
  • Biometric scanning for controlled data center access
  • Redundant electrical generators, AC and back-up equipment to keep servers secure and running continually
  • 24x7x365 onsite security
  • Physical security independently audited

System Security

  • System installation using hardened OS with ongoing protection from exploits
  • Dedicated firewall and intrusion detection system
  • Data protection with managed backup solutions
  • Distributed Denial of Service (DDoS) mitigation

Operational Security

  • SSAE16 Type II certified data center
  • Daily Internet security and vulnerability tests
  • Documented information security and privacy procedure training for all employees
  • Systems access logged and tracked for auditing purposes
  • Proactive application and system vulnerability testing.

Application Security

  • Access controls configurable by master account administrator
  • All passwords encrypted during storage and never transmitted
  • Configurable account and password security settings including role-based permissions
  • Account access can be restricted to specific IP addresses
  • Full 256-bit TLS encryption and 2048-bit private keys for all documents and data in motion
  • Data protected at rest with 256-bit AES encryption, access controls and auditing including use of secured self-encrypting drives
  • Intelligent encryption with access controls to ensure data is only decrypted for authorized requests
  • Encrypted session IDs uniquely identify each user
  • Automated session time-outs
  • Two-factor authentication available

Transaction Security

  • Detailed audit trails generated for all transactions
  • Integrations enabled through secure RESTful Web Services API.