Data protection and security are essential to maintaining our customers’ trust and ensuring compliance with all legal regulations. FlexPoint employs a tiered structure to security, ensuring your data is protected every step of the way.
We operate from Azure data centers that maintain state-of-the-art physical security, are built with customized hardware, have security controls integrated into the hardware and firmware components, and added protections against threats such as DDoS. Our infrastructure includes Firewalls, Web Application Firewalls, vNets, Monitoring, Access Level Control, etc., for added security
Encryption is a way of scrambling data so that only authorized parties can understand the information. Encryption can be applied to data in transit (such as when using browsers to access FlexPoint portals) or data at rest (such as when storing files on the FlexPoint cloud platform).
We encrypt all data in transit and at rest - including files, databases, applications, in transit, and at rest. We also double the encryption for sensitive data at the column level.
Authentication is the process of verifying the identity of a user before granting access to data or resources. Authentication can be based on something the user knows (such as a password or a PIN), something the user has (such as a token or a smart card), or something the user is (such as a fingerprint or a face scan).
We use a secure passwordless authentication method leveraging best-in class security features. Every time you log into your account, we’ll issue you a one-time PIN that can only be used by you from your computer. That also removes the need to remember your password, and more importantly, a password being used to compromise your account or other accounts.
We use a third-party card processor which is a certified Level 1 PCI Compliant Service Provider (the highest level), and we don’t store any sensitive credit card information on our servers.