Privacy and Security

System Design

Pandexio consists of an API, widget set and applications which consume them.  Pandexio is designed to plug into your existing systems and extend their capability.  Pandexio is accessed from within those systems after being authenticated through them.  

Pandexio is designed to enable your employees to generate a private knowledge network for your company as they consume content within those “host” systems.  This new knowledge network leverages the existing content access models and authentication mechanisms of the host systems while enabling your company’s goals for inter-company knowledge-sharing and access.

Customer Trust

Earning our customers’ trust is a responsibility we take extremely seriously.  Pandexio protects your information and privacy by implementing various security measures throughout the Pandexio system and by subjecting our security practices to 3rd-party audit. 


Security and Privacy Measures

We treat security and privacy as primary concerns during design and implementation.  We incorporate security and privacy best practices in daily operations, conduct regular security reviews and limit secure access to authorized personnel only.  Below are some of the default measures provided by the Pandexio platform and supporting applications.  Additional custom measures are available through Pandexio SI partners.

Data Centers

Leading Enterprise Data Centers

  • All customer data is stored in Microsoft Azure or Amazon AWS data centers
  • Both Azure and AWS are SOC2 Type II audited with EU Safe Harbor and ISO 27001 certifications
  • Both employ extensive physical security measures such as 24/7/365 video surveillance, biometric and PIN-based locks, strict personnel access controls and detailed visitor entry logs
  • Pandexio restricts access by automating deployments and disabling remote access to its data centers

        Amazon Web Services (AWS) security information: https://aws.amazon.com/security/

        Microsoft Azure security information: https://azure.microsoft.com/en-us/support/trust-center/security/

Redundancy and Scalability

  • Geo-redundant storage protects against regional data center failure
  • Continuous archival of all data changes prevents data loss
  • Pandexio uses advanced NoSQL designs, best-of-breed hardware auto-scaling and other design methods that enable large fluctuations in demand and expansion of users
 
 

Application Security

Application Features

  • All connections to Pandexio are made over Secure Sockets Layer/Transport Layer Security (SSL/TLS), ensuring that customers have a secure connection to their data.  Any attempt to connect over HTTP is automatically redirected to HTTPS.
  • Individual user sessions are uniquely identified and re-verified with each transaction
  • Customer passwords are not accessible by Pandexio personnel
  • Application logs record the creator, last updater, timestamps, and originating IP address for every record and transaction completed

Logical Separation of customer data

  • Hardware and software configurations are designed to provide secure logical separations of customer data that permit each customer to view only its related information.
  • Client data is explicitly segregated per API key using separate tables, blob containers and search indexes
  • Multitenant security controls include unique, non-predictable session tokens, configurable session timeout values, password policies, sharing rules, and user profiles.
  • The Pandexio service supports delegated authentication.
  • All storage accounts require a private Azure access key
  • All web application servers are physically and logically separated from the servers that store customer data

Monitoring and logging

  • Pandexio captures and reviews activity and application logs regularly
  • All cloud services are continually monitored for CPU utilization, disk I/O and network I/O, with email alerts triggered based on configured thresholds
  • All API activity is audited in real time

Independent 3rd-party Verification

  • We pursue our own security certifications as an assurance of our commitment to privacy and security (despite only storing customer data in leading data centers)
  • Pandexio has established controls in line with Trust Services Principles and Criteria and has undergone a SOC2 Type I Audit (2015). We will be undergoing our SOC2 Type II Audit in 2016.
 
 

SECURITY FAQs

Who can access the Pandexio network?

Your Pandexio network is private to your company. Only users with a valid and verified email address for your company can join your Pandexio network. Pandexio was built from the ground up as a private network with security built in at every level and a high degree of control available.

Where is the data hosted?

Pandexio data is hosted in Microsoft Azure (datacenters owned and operated by Microsoft) and Amazon Web Services (datacenters managed by Amazon).  Information about security, privacy and compliance can be accessed for both at the links below:

https://aws.amazon.com/security/

https://azure.microsoft.com/en-us/support/trust-center/security/

What is Pandexio’s privacy policy? How do you treat my data?

Our privacy policy is publicly shared and available here: Pandexio privacy statement.

Can you share your security policy?

General Pandexio security information can be found here: Pandexio Privacy and Security.  Pandexio’s security policy and SOC2 audit report are shared only with customers under a non-disclosure agreement (NDA), so contact your account manager to request a copy.

Who has access to the data?

Only authorized personnel can access secure customer data, and all access is on an approval‐only basis. All access is logged and regularly audited.

Is the data encrypted in transit?

All data in transit into and out of the production environment is encrypted at all times. Communication with Pandexio is over HTTPS (SSL3.0/TLS1.0) regardless of user endpoint (web, desktop app, mobile app, API).

What is Pandexio’s architecture?

Pandexio's architecture is designed for widespread employee knowledge capture and access across existing enterprise systems.  Pandexio is a set of loosely coupled components connected through APIs. These are developed and released independently using a variety of best-in-class code and technologies. Pandexio is offered only as a public-cloud, multitenant SaaS architecture. We use a data-driven, rapidly iterating development approach to measure the success of the platform using the key metrics of end-user engagement and adoption.

For more information on the Pandexio development methodology see How we Build.

Who owns the data posted in the Pandexio network?

All data is owned by the Customer.  Pandexio is a data processor and has no rights to any content or responsibilities for the data posted within a Pandexio network.

Can we perform an on‐site visit or audit of your facilities?

Pandexio does not permit customers to perform on‐site audits because coordinating them across our customer base is not feasible. On-site audits are also a risk to the security of the service. We will answer any security questions openly and transparently.

Do you conduct third‐party audits?

Yes.  Third-party audits are conducted yearly.

How is data separated from other customers?

Pandexio is a true multitenant model. As such, customers’ data is logically separated with strict controls to ensure separation of tenant data.

How are users authenticated?

Pandexio uses HMAC-based, per-request authentication to authorize requests to its various components.

Does Pandexio sell our data?

No. Pandexio does not mine or sell any customer data. All data belongs to the customer (either the user or the company, depending on the Pandexio version in use).

Can I export all my data?

Pandexio Enterprise allows all Smartsnip content to be exported, including associated metadata. 

How is Pandexio accessed on mobile devices?

Pandexio has been built with a mobile-first design and is accessible from all major mobile platforms, including Windows Phone, iPhone, iPad, and Android.  For all integrations where the host application provides mobile access, Pandexio can be accessed on mobile through authentication into the host application.  In the event that the Smartsnip-enabled applications in use do not facilitate mobile access, users can be provided a direct login to Pandexio using their valid and verified domain email address.

Can my company’s multiple email SMTP domains be merged together into one Pandexio network?

Yes. By default, SMTP email suffixes have their own Pandexio network. This is in place to ensure that data stays within a certain organization. However, many large organizations have multiple SMTP email domains and, as a result, multiple Pandexio networks. Under Pandexio Enterprise, these Pandexio networks can be merged together so when the user logs on, they enter a single Pandexio network for all their colleagues, regardless of which company SMTP email address was used to log on.

What file types can be uploaded to Pandexio?

PDFs, most office documents, web page URLs that are not behind a login, and most image and text formats.

What are the limitations of the solution (number of users, networks, documents, storage, access, and so on)?

Pandexio is designed as a SaaS, multitenant environment with scale in mind. The only limit is that of file size. An individual file cannot be larger than 100 MB.  Pandexio supports unlimited users, unlimited documents and unlimited Smartsnips.