Attacks by cyber criminals have soared to record levels. Breaching this threat are innovative and robust security technologies. As a global leader in web-based treasury software and services, BELLIN has made client security our number one priority. Our measures to counter online threats and internal fraud are subject to external audits that ensure we meet the highest security standards. We don’t use third parties to manage our clients’ data. The servers that make up our cloud are 100 percent owned and operated by BELLIN.
Whatever the size of a business – be it a multi-national corporation or small or medium-sized enterprise – tough questions have to be answered to ensure security systems are watertight:
- Where are my vulnerable points of failure?
- What should be my priorities when combatting cybercrime?
- How can my treasury provider make my systems secure?
Hackers always target the weak spots in an online system. The BELLIN Security Promise bolts down risk holistically, covering people, technology and governance. This three-pillar approach counters all the potential threats to online security, ensuring that there are no weak points in business critical architecture. Our clients can focus on their business and stay ahead of the competition with state-of-the art treasury systems that stay out of the clutches of cyber criminals.
We know people are the backbone of every successful business. We facilitate the deployment of state-of-the-art authentication tools to ensure that only authorized employees have access to business critical systems and data.
- Our two-factor authentication for tm5 provides clients with the highest levels of security while also facilitating the configuration of Windows Authentication when the software is hosted on a customer’s network. Our clients will enjoy an added layer of two-factor authentication security on their handheld devices with the BELLIN App, to be launched in October 2017.
- Clients that choose BELLIN as their system host can implement single sign-on (SSO) technology that supports a variety of authentication methods. SSO can be used exclusively or in conjunction with existing user name and password requirements.
- Our dedicated team of security experts keep a watchful eye on BELLIN’s cloud-based servers, 24-hours a day, seven days a week, 365 days a year. Our data centers have a suite of security measures in place, including man-traps, Closed Circuit Television (CCTV) and stringent security card systems that restrict access to authorized employees.
- The plethora of online threats that have emerged makes it vital for corporations to deploy holistic technology solutions that ensure effective system security.
- Our single tenant, Software-as-a-Service (SaaS) infrastructure ensures that the data of each client’s own application is held separately from other customers’ data.
- Access to our network is ring-fenced with enterprise grade firewalls and intrusion prevention systems. Network access to the TMS is protected by 256-bit encryption.
- Our servers are battle-tested against hackers through the use of certified third parties that perform penetration testing on the BELLIN cloud.
- BELLIN Integration Services (BIS) assures complete data security through the encryption of all data transferred between BELLIN and the network of our client
Meeting international governance standards across areas as diverse as risk management, certification and auditing is a challenge for any business. Ensuring security systems are fully compliant requires a holistic and comprehensive technology-based approach.
- Clients can put in place dual approval on all administrative data changes. The so-called “four eyes principle” requires all changes to fall under the critical gaze of another administrator before approval. This application has been designed to facilitate businesses tailoring approval procedures to fit in with their own governance processes.
- The BELLIN hosting environment is audited to ISO 27001:2013 standards and features a SSAE16/ISAE 3402 (SOC 1 Type II) attestation.
- BELLIN goes far beyond the standard dual approval – even extending the process to a “12-eyes principal” – while thoroughly recording all payment transaction history.
- Daily limits on account activity and internal money transfers can be put in place using the tm5 software that can also place restrictions on the amount of transactions that a single employee can make.
- Bulk payments can be vetted to ensure no additional changes are applied after a transaction is presented to tm5 before execution.
- Our cooperation with Accuity ensures that clients can meet their compliance requirements with all payments screened against sanctions and embargo lists.
- BIS enables the sharing of data between a combination of accounting, Enterprise Resource Planning (ERP), market data, receivables and money market systems. This is achieved through the deployment of active file monitoring, Pretty Good Privacy (PGP) encryption, in-memory translation, and Secure File Transfer Protocol (SFTP).
Payment security: A convergence of the best in people, governance and technology
Our tm5 software provides a single payment infrastructure. This holistic solution enhances security, removing the need for multiple bank interfaces with separate log in requirements. Our clients obtain access to a single portal that has in place cyclic redundancy checks (CRC). All payments have to be approved at multiple levels. A further layer of security will be available in 2018 with whitelists of all account connections classified as trustworthy.