Security

Security at-a-glance

The security of our client’s data and operations is a top priority at ReconArt. Security is fundamental and baked-into our process and product. Development practices, technical stack, hosting, data policies & confidentiality, and our interaction with your operations and security audit needs: all these aspects and more are managed for best-practice security. ReconArt’s hosted offering is trusted by many clients who are under stringent security requirements such as banking, financial services, payments, insurance, government, HR, healthcare, and more.

ISO/IEC 27001:2013

As an ISO27001 certified organization, ReconArt follows some of the most widely-accepted security and privacy standards and regulations in the world.

Access and Authentication

Your ReconArt solution instance and datastore are dedicated to your business and can only be accessed from authorized networks or addresses. ReconArt supports both enterprise and standalone security for authentication. Enterprise class tools can be integrated with ReconArt for authentication to your enterprise user repository (e.g. Active Directory and leading Identity and Access Management solutions) and to support Single Sign-On. ReconArt can also be configured for standalone security, where user logins and passwords in are managed and stored on the ReconArt platform in an encrypted format.

Secure Hosting Profile

ReconArt partners with a world-class Tier 4 SSAE16-compliant Data Center with multiple global locations for the hosting of your reconciliation solution. Detailed documentation around its security provisions and certification, including SSAE16, PCI DSS, ISO27001, HIPAA, and Privacy Shield are available upon request and signature of a mutual non-disclosure agreement.

ReconArt hosted environments are protected with industry-standard and proven measures which address critical areas of security best practices and our obligations under ISO27001. These measures include, but are not limited to, Network Security (e.g. intrusion detection, firewall, vulnerability scanning), Server (e.g. O/S patching and log management, malware protection), Administration (e.g. dashboard monitoring and incident response), and Data Security (e.g. encrypted backups).

ReconArt also monitors hosted environments for availability and performance at key levels, including page loads and user experience from the application, bandwidth and errors on the network, and complete server health reports.

Data and Privacy Policies

ReconArt does not copy, share, or modify your data. In line with the ISO27001 standard, we strictly control access to data and credentials. Data transfers between client and ReconArt environments are protected with encryption and secured transfers. Only authorized ReconArt support and technical staff have access to client environments. We take extra care to mandate policies that protect your data and continually educate employees about their role in keeping customer data safe. Security policies can be managed by Client system administrators to limit or even deny access to the front-end interface of your ReconArt environment. ReconArt monitors application, system, and data access logs and maintains all appropriate documented policies and procedures for handling security incidents, including timely notifications to customers where applicable.

ReconArt and GDPR

The ReconArt team has committed real focus and resources on understanding and complying with GDPR requirements. Ahead of May 2018 when the regulation came into effect, we assigned a dedicated team with Legal and Technical expertise to ensure that the solution and all applicable processes are compliant, and that client data is protected in accordance with GDPR requirements. ReconArt’s security-by-design and ISO27001 certification, which mirrors many of the regulation’s intentions, greatly facilitated our compliance strategy and implementation. ReconArt has rolled out a GDPR compliance strategy for our worldwide operations with primary focus on our operations and clients in the European Union.