At PortXchange, we believe that trust is the backbone of any collaboration. That means to trust that our solutions deliver reliable information, but also trust that we take good care of the data you share with us.
We are launching a new blog mini-series explaining the building blocks of our data security strategy, so you can be confident that your data is in good hands. In our first blog, we will give an overview of the critical elements of our strategy.
People
Our teams drive the security at PortXchange. Everyone from developers to business consultants has a key role to play in keeping data secure. The developers are aware of the security pitfalls while building our products. And the business consultants, who work directly with customers, know how to handle their data responsibly. Our goal as a company is to ensure that everyone has the right mindset and tools to take on the data security challenge.
Technology and Tools
Working with outdated technologies not only drains the team’s energy but also might expose data to unnecessary risk. Those tools are often hard to update, and they don’t meet modern security requirements. For these reasons, we made it a no-brainer for us to always opt for the latest technologies in the cloud. This approach allows us to take advantage of innovations and keep it fun for our teams.
A New Data Authorization Model
While we aim to facilitate transparent information exchange, we also understand that giving access to all information to all the stakeholders is not always the desired behavior. That’s why we will be introducing a new Stakeholder based Data Authorization Model. With this model, we allow the data owners to stay in control of what information can be seen and by whom. This enables smooth information exchange while maintaining a high level of security and privacy.
Certification
Next year we aim to formalize our security best practices and create evidence that they are implemented successfully by getting ISO 27001 certification. With this seal of approval, we will guarantee that PortXchange complies with international security standards.
Incident Handling
Reducing the risk of data security incidents is one of the top priorities at PortXchange. However, we realize that it’s impossible to phase them out entirely. In case of any incidents, we will always inform the data owners, explain how we handled those incidents, and take all the measures to prevent them from happening again. Transparency, that’s what you can always expect from our side.
