Each login that is provided to Cin7 users is unique and individual. We do not support shared logins, and our support staff do not use your tokens to access your data. All logins to your data in Cin7 are logged, and your staff’s access is limited to the security groupings you have defined. We provide a framework that allows you to build the granular levels of access required to give your users access to the modules they need. Where we provide access to Cin7 via connectors or external interfaces, including via application programming interfaces (APIs), access is delivered with secure credentials using revocable tokens. We secure your users’ logins using a password policy.
In the Cin7 platform, sensitive data is encrypted at rest using “Transparent Data Encryption” (TDE). We support end-to-end encryption for clients who wish to take advantage of this.
Cin7 refines and upgrade aspects of our security posture as part of our ongoing internal practices and in conjunction with external partners. For example, in addition to regular external security penetration tests, we also engage with an independent partner to deliver monthly independent vulnerability scanning.
Cin7 is hosted in Microsoft Azure. This enables us to take advantage of Microsoft’s 99.9% guaranteed availability to deliver high levels of redundancy and availability to our clients. We also have partnerships with Microsoft top tier support, giving us access to additional engineering resources, often within minutes, to address any issue as it occurs. Finally, our systems have monitoring and management systems while our core systems are staffed with certified engineers who are online and able to assist 24×7.
With recent issues around data privacy making international news, the EU has released a global standard of privacy compliance known as GDPR. Cin7 is a “Processor” for the purpose of the GDPR. Our statement around our GDPR compliance can be found here: https://www.cin7.com//legal/terms-of-use/
Working in the cloud can be a complex thing to do safely, so it is important that you have a competent internal computer support team. You are responsible for your working environment. Here are a few general tips that may assist in keeping your Cin7 experience more secure:
Please note that these tips are of a general nature and are not a substitute for your own security advice or practices. Cin7 does not accept any responsibility for your working environment, does not give any guarantees about these tips and, to the extent permitted by law, excludes any liability for any loss arising out of or in relation to these tips (including your reliance on them).
We provide live information on the status of our platform, and any outages or upgrades on: https://Status.cin7.com. Feel free to circulate this address to your wider team to give them visibility of our platform’s status.