10X ERP Security Overview

This document describes how 10X ERP approaches security to protect our customers' data and systems. It is intended to provide a high-level overview, and we’re happy to answer deeper technical questions upon request. We regularly evaluate and improve our security posture and remain committed to transparent, accountable security practices.

1. Our Approach to Security

Security is at the core of how we build and deliver 10X ERP. We take a practical and disciplined approach to security, focusing on best practices that ensure our platform is safe, stable, and reliable.

2. Infrastructure & Hosting

  • 10X ERP is hosted in the cloud using Linode.
  • Each customer has their own dedicated instance with a separate database, providing strong data isolation.
  • We maintain regular backups and high availability configurations for customer environments. Details can be found here: Data Backup and Recovery

3. Application Security

  • We use GitLab for version control and CI/CD, enforcing code review and automated testing.
  • Every code change (merge request) triggers a comprehensive suite of automated tests to ensure stability and prevent regressions.
  • Our team follows a secure development lifecycle, including static code analysis and regular dependency audits.
  • We use Sentry for real-time error monitoring and response.

4. Data Protection

  • All customer data is encrypted in transit using TLS.
  • Data at rest is encrypted using industry-standard techniques.
  • Backup data is also encrypted and stored securely.

5. Authentication & Access

  • We support Google and Microsoft-based sign-in with two-factor authentication (2FA).
  • Access is role-based, with permissions managed per user.
  • Session timeouts and other policies are in place to prevent unauthorized access.

6. Monitoring & Response

  • We have automated monitoring and alerting in place to catch and respond to issues quickly.
  • All access and key events are logged and auditable.
  • We maintain an incident response plan and will notify customers promptly in the event of a breach.

7. Customer Role

Security is a shared responsibility. We encourage customers to:

  • Use strong authentication methods
  • Limit user access appropriately
  • Maintain and review user permissions regularly within the application
  • Review access regularly

8. Contact & Reporting

To report a potential vulnerability or security concern, contact us at [email protected]. We welcome responsible disclosures and handle them promptly.

Did this answer your question? Thanks for the feedback There was a problem submitting your feedback. Please try again later.

Still need help? Contact Us Contact Us