Data security in GRiT: we encrypt and move to the cloud from Amazon

24. June 2021

Our solutions for the electronic exchange of documents transfer over 3 million business and logistics documents per month, which are sent to each other by thousands of companies. Deliveries of goods depend on these documents, and in the case of financial controls or the resolution of commercial disputes, the future of the company also depends on them. The security of your data is key for us - we do our best for it and we are constantly improving it. You can find out what it looks like in practice in the article.

Secure document transfer

We provide EDI message transmission:

  • data encryption,
  • electronic signatures,
  • time stamps,
  • transmission over secure VAN, AS2 and x400 networks.

Thanks to these procedures, EDI messages are one of the safest ways to transmit documents. Data leakage is better prevented, it also prevents forgery of documents or communication noise between business partners. For example, it’s impossible for the supplier to lose your document in his e-mail box.

Sending documents by e-mail is many times less secure than sending them by EDI. Documents are sent by e-mail in readable form (PDF) and often via easily attackable publicly accessible mailboxes. It may have happened to you that an e-mail came to your company that looked like it was from your bank or business partner. Such e-mails often require payments, access credentials, or even contain a virus that blocks all internal systems.

Customers are pushing us forward

Our clients from global companies also motivate us to constantly improve our security. For example, Nestlé has very strict safety requirements for its suppliers. Not only ORiON, but also iNVOiCE FLOW therefore undergoes regular penetration tests, during which external hackers try to find vulnerabilities in our systems.

We will also soon change the cloud infrastructure to Amazon Web Services Cloud. It is probably the most developed cloud platform to date and provides a high level of security, which will open up new possibilities for data protection. And it also automates some of the routine security activities, so we'll have more room for improvement. AWS Cloud also meets CSA, SOC / SSAE16 auditing standards and external physical security auditing. 

We guarantee safety by certificates

We have had the ISO27001 certificate for information security management for several years, which we have updated again this year. This certificate from the independent certification authority TÜV SÜD Czech states that we work with the data sent and stored in our tools in a trustworthy manner, with verifiable accuracy and also that we meet all the requirements of the Cyber Security Act. For example, we have processes that prevent outgoing employees from retrieving customer data.

"We are proud to do our utmost to secure our clients' data. That is why we contacted the world-renowned certification authority TÜV SÜD to confirm this. We want to maintain a high safety standard for a long time, which is why we also regularly apply for recertification, ” explains our product manager ORiON EDI, Kamil Plachý.

Wouldn’t it also interest your colleagues or a boss? Simply share the article with them.