Security of our users is of paramount importance to us

Our approach

Working at the intersection of buildings infrastructure, physical devices, processes and people. At IQnext we take data integrity and security very seriously.  It is our most important responsibility and commitment to our customers. We stay updated and continually strive to improve with the aim of increasing the security our software and services that we offer.

Data Security

We understand the importance of data security, therefore it is the very foundation of our cloud product, infrastructure and processes, making the IQnext secure by design.

Encryption

Customers access IQnext product solutions over the internet with industry-standard secure and encrypted connections (TLS 1.0-1.2) using high-grade 2048-bit, SHA-256 certificates. Individual user sessions are protected by unique session tokens which are verified on each transaction.

Secure AWS Infrastructure

Our data and application is hosted on industry-leading cloud hosting provider Amazon Web Services (AWS) who is SOC2 and ISO27001 certified for security and availability. We maintain multiple regions and availability zones resulting in high levels of optimal performance with redundancy.

Platform and Network Security

We perform rigorous security testing including threat-modelling, automated scanning, and third-party audits, including regular penetration testing to plug any security gaps as a part of our on-going product updates. Communication from the IQnext Gateway device to the IQnext Cloud server is initiated by the Gateway and is mutually authenticated using TLS/1.0

Access Control

Role-based access through IAM that enforces segregation of duties, two-factor authentication and end-to-end audit trails ensuring access is in accordance with security context.

Application Security

Platform or application security is a shared responsibility in a cloud model. To enable secure access from the customer's end we have provided a number of features.

Secure Authentication

You can enforce strong authentication mechanisms using our SAML/OAuth services or tune-up the password rules from the admin console.

IP Whitelisting

Use our IP restrictions to limit unauthorized users by only allowing sign-in from designated IP addresses, just like your corporate network.

Role Based Access

Replicate your organization’s hierarchy in IQnext by assigning roles based on the type of user, permissions to be given to them and their geographical representation.

Audit Logs

Monitor your team’s activities with audit logs, so you can track who did what and when.

Availability

The architecture is highly resilient to meet our commitment to deliver products and applications that are stable and secure at scale.

Cloud Hosting Infrastructure

Our cloud infrastructure takes advantage of elastic scale, multi-level redundancy, and failure options across regions to reduce latency, maintain reliability, and scale with your organization’s needs.

Data Backup

We take automated backups regularly and store them in a secured environment.

Disaster Recovery

We have automated snapshots as backup in place to restore the IQnext cloud environment in case any disaster occurs.

Incident & Reporting Management

We use an incident monitoring tool that monitors  24x7 and reports the incidents to the authorized user contacts based on the severity of the incident along with suitable actions. We track and close the incidents with appropriate corrective actions to meet the SLA commitments.

Want to know more about our security practises?

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.