Secure hosting for your data

IP filtering:
Axxerion protects system access through targeted IP filtering. Access can either be restricted to selected IP addresses (restriction) or automatically released to IP addresses from which authorized users successfully log in (approval).
This measure provides additional protection – even in case a password is lost or falls into the wrong hands.

Password management:
Passwords are fully protected in Axxerion and cannot be viewed by anyone – not even the system administrator.
Passwords have clear security requirements, such as a minimum length and other defined properties. After three failed login attempts, access is automatically blocked and temporarily denied.

Automatic logoff:
Axxerion has an automatic logout function. Users are automatically logged out after a set period of no activity –for example, after 20 or 30 minutes–.
This prevents unauthorized access, for example if the logout was accidentally forgotten.

SSL / HTTPS encryption:
Communication between your web browser and the Axxerion servers is encrypted using SSL and the HTTPS protocol with a 1024-bit encryption code.
This ensures a consistently secure data exchange between browser and server.

SFTP – Secure Data Transfer:
Secure FTP (SFTP) is available for exchanging data with your own server.
SFTP uses 1024-bit encryption and ensures that even sensitive and confidential information is transmitted securely.

Access logbook:
All accesses and logins are documented in a central logbook. The system administrator can always track which user was or is logged in to the system and at what time.
In addition, users receive information about their last access when they log in. This allows unauthorized access to be quickly detected and verified.

Groups and roles:
Users can be assigned to one or more groups, each of which is assigned defined default user rights.
The groups are structured hierarchically. Rights of parent groups can be automatically inherited by child groups.

Security at the object type level:
Clear default access rights can be set for each object type in the system.
For example, it can be ensured that users of the group „external users“ generally do not have access to information from the group „employees“.

Field-level security:
Each object in the system consists of several data fields. Access to each individual field can be defined separately for all user groups.
This way you retain full control over what information is visible or editable at all times.

Object-level security:
Access rights for an object type can be specifically overwritten at the level of individual objects.
Example: A user has general read permissions for documents, but cannot access a specific document – as an exception –.

Folder-based access:
If objects are placed in folders, they automatically assume the access rights of the respective folder.
If access rights are set to „None“, the folder is completely invisible to users.

Function-related access rights:
Access rights can be set for each individual function such as „Create“, „View“ or „Delete“.
If a function is not allowed, the corresponding button is hidden.
These rights can also be granted on a module-by-module and group-by-group basis.

Workflow-dependent accesses:
Access rights can be linked to the status of a workflow.
For example, it can be specified that a document in status „Published“ cannot be changed or deleted.

Application-level security:
Certain access rules are controlled centrally in application management.
These are for data completeness and cannot be modified by users.
Example: If a document is checked out, no „Check-In“ button is available.

Encryption of the database:
Sensitive information such as passwords or salary amounts is stored directly in the database using 128-bit encryption (Blowfish Database Security System).
An additional seeding algorithm prevents identical values from being visible with the same encryption.

Hard disk redundancy:
The Axxerion servers work with a combination of RAID 1 and RAID 5 systems.
This allows hard drives to be replaced on the fly – without data loss and without interrupting the service.

Audit Trail:
A complete history is available for each object. You can see at any time who created or modified an object and when this happened.
Optionally, the Audit Trail can also be activated on a field-by-field basis, for example to track price changes or address adjustments.

Data export „On Demand“:
With Axxerion you can define individual reports at any time and export the data contained flexibly.
The output is a CSV file that can be easily imported into Microsoft Excel or any other system environment.

Planned data exports:
In addition to manual export, Axxerion also supports scheduled data storage.
Using defined schedules and filter criteria, data can be sent automatically to an FTP server or via email – without any manual effort.

Daily database backup:
Axxerion creates a complete copy of all data from the productive environment every day.
This backup is stored in a separate online backup environment and contains all information including all current statuses.

Monthly database backup:
In addition to the daily backup, a full backup of all data and programs is performed once a month.
This takes place on the first day of each new month and serves as long-term protection.

Separate backup environment & emergency operation:
Axxerion operates a fully functional backup data center that is geographically separated from the productive data center.
The operational data is transmitted and secured every night in encrypted form via Secure FTP.
To control data backup, you get your own access to the backup environment.
In the event of an emergency, this environment serves as an emergency platform and takes over operation in case the productive environment fails („Disaster Recovery“).