Security Controls

Last Modified August 28, 2023

The following statement describes the security controls MxToolbox has in place.

Security Controls Description
Access Controls MxToolbox will make the MxToolbox network accessible to only authorized personnel, and only as necessary to maintain and provide the Services. MxToolbox will maintain access controls and policies to control authorizations for access to MxToolbox from each network connection and user. Such controls include the use of firewalls or equivalent technology along with authentication controls. MxToolbox will maintain access controls that are designed to restrict unauthorized access to data and controls to segregate each customer's data.
Security in Transit MxToolbox requires HTTPS (also known as TLS) encryption on all authentication interfaces and all customer application interfaces. This HTTPS encryption uses industry standard algorithms and certificates.
Restricted Access MxToolbox will restrict user access to MxToolbox Network following least privilege principles by job roles, require the review and approval before provisioning access to the MxToolbox Network above least privileged principles, including administrator accounts
Change Management MxToolbox will maintain controls designed to log, authorize, test, approve, and document changes to existing MxToolbox resources. MxToolbox will document change details within its change management/deployment tools and will test changes in accordance with its change management standards prior to deployment to production environments. MxToolbox will maintain processes aimed to detect unauthorized changes to the MxToolbox Network and track issues to a resolution.
Static Code Analysis Code that is stored in our source code repositories is checked for best practices and identifiable software flaws using automated tooling.
Fault Tolerance MxToolbox will maintain fault tolerance policies that ensure regular backup copies of the MxToolbox Network.
Disaster Recovery and Business Continuity MxToolbox will maintain disaster recovery/business continuity controls to ensure swift account re-provisioning, governance, infrastructure, and data recovery.
Access Monitoring MxToolbox will maintain event monitoring to enable risk auditing, governance, and compliance of actions taken by user or role.