Data Security is Fundamental to our Business

At APRIO, we take our clients’ security concerns very seriously. Effective data security requires understanding the chain of information and data flow, from creation at your computer keyboard through to retrieval from our website.

We have implemented the following best practices to ensure the security, confidentiality and protection of information relating to your organization and its employees:

  1. We have strategic partnerships with world leading data centre facilities to host our servers in both the United States and Canada.
  2. All APRIO client databases are hosted on secure servers, and can only be accessed by registered users via the Internet. Independent third parties have certified important aspects of the security chain:
    • A GeoTrust Smart Seal authenticates our corporate registration
    • Our hosting in Canada is SAS-70 certified by PricewaterhouseCoopers and a BSI audit verified the ISO 27001 certification
    • An Ernst and Young audit has verified the SAS-70 operating effectiveness and controls of our hosting solutions in the United States
    • CanDo Networks and Pacific Coast Information Systems has tested and approved our application security through detailed assessments
  3. All physical access to the data centres where nonpublic personal and company information is maintained is controlled and monitored by security personnel. Our hosting partners audit and evaluate overall physical security, network architecture, redundancy, disaster recovery capabilities and operational policy as well as compliance to internal operational and security policies on a regular basis.
  4. When you access our servers using regular Internet browsers, network security is ensured using Secure Socket Layer (SSL) technology to protect sensitive pages from being intercepted during transport.

User Security & Data Encryption

Our servers provide secure, fast and accurate data transport. On arrival at the Data Centre, all requests are subject to server authentication to ensure your data is safe, secure, and available only to registered users in your organization.

Every APRIO client has an individual data storage repository, and only authorized users can access its protected data.

Every APRIO Boardroom user is identified by a unique username and password. Every time a user logs in, their identity is verified using authentication policies that enforce security but don’t complicate the end user experience. Permissions are also verified so that the user can only access specific areas or execute actions that have been authorized by the administrator. Only then can a user access the main application.

All data is encrypted with industry standard encryption protocols, both when in transit and in storage, to prevent it from being compromised.