Information Security

To ensure data and physical security, SYSPRO enforces a robust set of policies. We conduct frequent security assessments to identify potential vulnerabilities and implement improvements to minimize risks.

Policy Guidelines

SYSPRO’s policies, processes and procedures guide our data security, ensuring confidentiality, integrity and availability in the ever-evolving digital landscape. 

SYSPRO subscribes to the CIA triad, an information security model based on three pillars, namely: confidentiality; integrity; and availability. This model provides organizations with a guide for establishing security procedures and policies that address these three critical areas.

We created and implemented policies, processes and procedures to provide a structured framework for managing risk and ensure that SYSPRO adheres to legal requirements, industry standards and best practices.

Information Security – Access Control

SYSPRO has a number of policies that focus on security to protect physical and information technology access. We regularly review security to analyze and identify possible risks and implement continuous improvement. Implementing access control is a crucial component of application security, ensuring only the right users have the right level of access to the right resources. We secure access control using current best practices that verify users and ensure appropriate control access levels are granted to users.

Cybersecurity

SYSPRO recognizes the critical importance of cybersecurity in protecting confidential information, critical infrastructure, and overall business operations. Our Policy framework outlines our commitment to establishing and maintaining a robust cybersecurity program.

This framework aligns with industry best practices and relevant regulations. It includes:

  • An Information Security policy outlining SYSPRO’s overall approach to information security and data protection.
  • A policy that defines appropriate and acceptable behavior regarding IT systems and data access. Policies addressing password management, incident response, and mobile security.

Encryption: Protecting Data at Rest and in Transit

In today’s digital landscape, data security is of paramount importance. SYSPRO adopts security best practices for on-premise and cloud platforms, ensuring appropriate protection and encryption is in place. Using Azure’s Microsoft cloud computing platform, robust encryption options are provided to safeguard data at rest and in transit. Azure’s encryption capabilities span various services including disks, storage accounts and SQL databases.

Data Retention

SYSPRO retains data for a specific period of time to meet regulatory, business, and technical requirements. Data retention and disposal are shared responsibilities between SYSPRO and the entity that owns the data. Our Service Level Agreements include clauses for data retention and safe disposal of data in the cloud. 

When SYSPRO retains data, we ensure that information is kept safe and available for its intended use while adhering to privacy and data protection laws.

Business Continuity

Our Business Continuity framework ensures that SYSPRO can withstand disruptions, protect its information, and maintain essential services in the event of unplanned disruptions such as a cyber attack, civil unrest, system outage, or natural disaster.

We have established protocols, roles and responsibilities in place to minimize the impact of unplanned disruptions and continue with operations as effectively as possible. Recovery processes and procedures are implemented to recover and restore operations. 

Business continuity is a primary pillar and vital aspect of overall risk management and resilience.