Most trusted SaaS ERP provider
We’ve spent hundreds of millions of dollars building the world’s most trusted SaaS ERP solution that’s now IRAP assessed to store and process any classification of data up to and including PROTECTED.
Optimal security, compliance and privacy
TechnologyOne protects your data with encryption in transit and at rest and provide administrative controls to enforce organisation-wide protection.
We are committed to protecting the privacy of your data and your customers' data, and preventing it from unauthorised access with industry best-practices and standards such as AT-C 205 SOC 2, GDPR and IRAP.
We certify with industry-accepted standards so you can verify that your company and customer data remain secure and compliant.
Highest level certifications and accreditations
Our commitment to security
Exceptional user experience
The user experience for our customers is our priority, that’s why we adopt world-leading standards across our software. To protect our customers against security threats, data breaches and to prevent unauthorised access to customer data, TechnologyOne maintains a formal and comprehensive security program.
Unique approach to isolated data storage
The TechnologyOne SaaS solution is unique in its approach to data management. Whilst we deliver a multi-tenanted SaaS application we isolate each customer’s database and data into a separate and completely private storage zone. This isolation provides far superior security to a shared storage and shares databases that combine data from many customers into a single place. Multi-tenanted software provides economies of scale, enabling customers to share one version of software globally, gain immediate access to the latest enhancements and security updates as they become available, without having to compromise on data security. These controls are in addition to the rich, logical security model in the application itself, which is personalised for each customer during implementation, and updated by our customers as their business changes over time.
Encryption of data in transit
Users access TechnologyOne SaaS via the internet, protected by Transport Layer Security (TLS) 1.2 and above. This secures network traffic from passive eavesdropping, active tampering and the forgery of network messages.
TechnologyOne has implemented proactive security measures such as perimeter defence and network intrusion detection and prevention systems, together with anomaly detections algorithms that alert team members. We also utilise a number of confidential countermeasures designed to protect our customers, and protect our service in general.
Vulnerability assessments and penetration testing of the TechnologyOne SaaS solution are evaluated and conducted on a regular basis by both TechnologyOne team members and trusted external third-party vendors. These vulnerability assessments are in addition to the secure coding practices, static code analysis and security reviews undertaken with our enterprise software.
Backup and replication of data
In a Cloud first, mobile first world, we have rethought the traditional approach to backups. TechnologyOne SaaS architecture is active/active by design, which means that all data is synchronously stored in multiple locations, across multiple data centres, automatically. This approach challenges most existing procedures that revolve around backups, tape archives and expensive customer-adopted processes.
A full backup is taken weekly and stored in multiple locations across four physically isolated data centres. Database backups and transaction logs are implemented so that a database may be recovered with the loss of as few committed transactions as is commercially practicable. To ensure that we can offer the lowest recovery point objective (RPO) in the industry, we perform snapshots every 15 minutes to minimise the potential for data loss in the event of failure. Backups of the database and transaction logs are encrypted for any database which contains customer data.
Single sign-on support
Security Assertion Markup Language (SAML) is supported by the TechnologyOne SaaS solution and enables an enterprise single sign-on (SSO) environment. SAML provides a seamless, single sign-on experience between the customer’s internet connection and TechnologyOne SaaS, which incorporates the existing identity framework already in use.
TechnologyOne software enforces role-based security for authorisation. Role-based security allows customers to grant or restrict user access to functionality, business processes, reports and data.
System-to-system integration is via public web service invocations or Reports as a Service (RaaS). All of these system invocations are controlled by TechnologyOne software-based authorisations and security.