15.07.2021

IntelliWay Services Data Protection & Data Backup

Protecting our customers' data is our top priority. Our way of working is based on this very fact and is represented by the use of new applications in the field of cyber security. This article covers the privacy policies IntelliWay observes as a company. What procedures do we follow? How do we guarantee the protection of our customers' and partners' data? What are we currently working on to ensure a good security status of the data?

Working methods

We mainly work via direct access to our customers' software systems using a secure internet connection. Our employees and consultants work directly through the customer's own interfaces. All processes are managed and stored on their servers. This means our customers' IT departments retain full access and management control.
We work with the following ERP systems:

• SAP (https://www.sap.com/index.html),
• Yardi (https://www.yardi.com),
• EMS (https://www.emssoftware.com/solutions),
• iX-Haus (https://www.crem-solutions.de),
• RELION (https://www.relion.de/),
• REALAX (https://www.realax.de/).

Safety standards

The connection to the customer environment takes place via remote desktop or VPN connections, with a special security certificate installed on each of our PCs. All usernames and passwords meet the highest security standards. They are checked every time one logs in and are changed regularly. According to the nature of the tasks assigned to them, all our employees have signed a non-disclosure agreement.
Our partner, the Ten Brinke Group, works in a similar way. We work on their ERP system – IX-Haus (https://www.crem-solutions.de/en/iX-Haus/Uebersicht) hosted on the server at https://spacewell.com. Data protection is guaranteed by their certificates. The data is backed up twice a week.

We use our own cloud environment in an authorised data centre licensed under the ISO 9001, ISO 20000, ISO 27001 and PCI DSS. Our internal administration systems, our file servers and the e-banking tool (BL Banking-Tool (https://www.business-logics.de/products/all/banking.html) we use to manage customer payments, are also hosted here. Some Bulgarian banks have also chosen this data centre for their hosting.

Image 1: Diagram data security

The connection is made via an encrypted VPN tunnel. The offices and the systems in the data centre are protected by a firewall.

The cloud is secured by a 5-step authentication:

• Geographic localisation – access only from certain areas (countries) – Germany, the Netherlands and Bulgaria
• An authentication certificate is installed on each computer working with the respective server ensuring the connection.
• Once an employee has logged into the server, he/she must enter their own user name and password.
• The next two steps are provided by the software itself – an encrypted connection between the system and the bank.

The telephone line and mobile communications are also located in their own cloud and are secured by a firewall and an encrypted connection.

In order to ensure an uninterrupted connection, the IntelliWay offices are secured with two independent internet and energy suppliers, so the entire network structure can be secured.

We are currently implementing a disaster recovery plan and we intend to work with two replicated clouds to ensure data retention and data recovery in the event of fire, flood or another natural disaster. If one of the two clouds is affected, the data will be recovered from the other cloud.

The process for obtaining the ISO 27001 certificate is also currently underway.

If you are interested in more detailed information, please contact us. We will be happy to answer all your questions.