The security of our users and their data is of the utmost importance to ApprovalMax.
That’s why we are proactive when it comes to weeding out any potential security flaws or vulnerabilities with our own platform. All parts of the solution – including the workflow engine, web application, connection to the accounting software (Xero or QuickBooks Online) and the mobile applications – are developed according to the latest security best practices.
With that in mind, we regularly engage Synopsys to run an independent test to make sure our security measures are as robust as possible. And Synopsys does put ApprovalMax through its paces with some rigorous penetration testing.
What is penetration testing?
A penetration test – or ‘pen test’ – is designed to eliminate vulnerabilities in server-side applications and APIs (application programming interfaces).
It’s essentially a deliberate attack on a system to pinpoint any and all security weaknesses that could possibly lead to the system’s features or data getting compromised.
The test helps determine whether a system is vulnerable to attacks, or if its defence mechanisms are sufficient, and which security issues (if any) could not be fend off successfully.
When Synopsys got to work with pen testing ApprovalMax, they sought to replicate the steps taken by a potential threat agent in an attempt to flag any vulnerabilities present within our system. Their goal was to demonstrate the impact any security risks would produce as well as provide clear guidance on how we could fix that.
Following the tests Synopsys carried out, we promptly introduced new and enhanced security measures for safeguarding our customers’ sensitive data and keeping fraudsters at bay.
The latest assessment done in March 2021 produced zero findings of critical, high or medium priority – confirming that ApprovalMax matches the highest industrial security standards.
Your data is safe with ApprovalMax
As we provide a financial workflow platform, it goes without saying that your sensitive data must be secure at all times.
To make sure of this, we rely on the enterprise-class platform Microsoft Azure (which itself meets the highest industrial security standards). All data is stored and protected in accordance with the strong European privacy and data security regulations.