All data is hosted on servers in facilities that have ISO 27001 certification. Your data is physically and logically separated from that of other customers. All data centers have redundant power supplies (UPS and backup generator).
The data centers have security zones, round-the-clock security personnel, outdoor video surveillance, individual identification through electronic access controls and alarm systems.
All systems, networked devices and circuits in the production network are continuously monitored by Flexperto. Physical security and power supply are monitored by each facility’s provider.
Flexperto and our sub-service providers principally use data centers in Germany.
In exceptional cases, for certain functionalities such as omni-channel messaging, service providers outside of Europe are also used.
Our network is protected by firewalls, best-in-class router technology, secured HTTPS transport over public networks, regular audits, and network intrusion detection technologies (IDS/IPS) that monitor it for or block malicious traffic and network attacks.
Our network security architecture consists of multiple security zones. More sensitive systems, such as database servers, reside in the most trusted zone. Other systems are located in zones that correspond to their sensitivity, depending on their function, information classification, and risk. Depending on the zone, additional security monitoring and access controls are used. DMZs are used between the Internet and internally between different trust zones.
The main entry and exit points for application data flows are monitored with Web Application Firewalls. The systems are configured to trigger alerts when incidents and values exceed established thresholds, and use regularly updated signatures based on new threats. This includes round-the-clock system monitoring.
Flexperto participates in several threat intelligence programs. We monitor our systems for threats reported in these threat intelligence networks and take action based on our risks and exposure levels.
Access to the Flexperto Production Network is explicitly based on the need-to-know and least privilege principles and is reviewed on an ongoing basis. Multiple authentication factors are required to access the Flexperto Production Network.
Communication between you and Flexperto servers is encrypted using HTTPS and Transport Layer Security (TLS) over public networks. TLS is also supported for email encryption.
All Flexperto customers benefit from the protection of data-at-rest encryption for attachment storage, as well as full daily backups.
The following TLS Cyphers are used by Flexperto:
You can check them here:
Flexperto maintains a publicly accessible system status web page that provides details on system availability and service history.
Flexperto uses service clustering and network redundancy to eliminate single points of failure. Our strict backup strategy ensures that service data is actively replicated across primary and secondary systems and assets. Our co-located databases are stored on state-of-the-art storage units with multiple servers per database cluster.
Our Disaster Recovery (DR) program ensures that our services remain available or can be easily restored in the event of a disaster. This is achieved by creating a robust technical environment, and by creating disaster recovery plans and testing.
Flexperto uses a 3-generation backup policy that includes up to 3 copies of important files. Backups are created and restored over a dedicated network interface to avoid impacting production-related traffic.
Flexperto has assembled a team to handle all information security, data protection and compliance issues. This ensures dedicated contacts and a functioning communication chain.
Are you interested in learning more about the specific security measures we take?
We divide our security measures into three categories:
In order to continuously review and improve the measures described here and to establish a generally high level of information security at Flexperto, we have set up an information security management system (ISMS) in accordance with ISO 27001.
We will be happy to provide you with the following documents upon request:
Feel free to contact us under