Supplios IT Infrastructure and Security Overview
Ensuring Your Supply-Chain Security and Reliability with Supplios
At Supplios, we prioritize your company's data security and reliability from day one. Our modern supplier portal is designed to connect suppliers with internal teams and systems, improving efficiency and building better supply-chain infrastructure.
Certifications and Compliance
Supplios adheres to industry-standard best practices for information security:
- ISO 27001:2022 Certified: Our Information Security Management System (ISMS) follows comprehensive security best practices, with regular audits to ensure compliance.
- SOC2 Type 2 Certified: Our systems are regularly audited to ensure they meet stringent security, availability, and confidentiality standards. Audit reports are available upon request.
- GDPR Compliant: All internal and supplier data is owned by our customers. Supplios acts as a data processor while you remain the data controller. We support data exports in various formats as needed for compliance and backup purposes.
Secure and Modern Infrastructure
Supplios leverages AWS (Amazon Web Services), the leading global cloud provider, for most of our infrastructure needs:
- AWS Best Practices: We follow AWS best practices for security and availability.
- Data Encryption: All data is encrypted both in transit (between your computer and our servers) and at rest (on our servers).
- Redundancy and Backup: Our infrastructure includes multi-zone redundancy for high availability and regular automated backups (all encrypted).
- Continuous Monitoring: We use Datadog and AWS services to continuously monitor our infrastructure.
Proven Technology Stack
Our platform is built on a stable and secure technology stack. We employ fine-grained, object-level access controls and secure authentication practices, including:
- HTTP-only secure cookies
- Hashed and salted passwords
- Cryptographically signed user invite tokens
Hosting Options
Supplios offers hosting options in both the US and the EU to meet various data residency requirements:
- US Region (Virginia): Operational since February 2021
- EU Region (Frankfurt): Operational since May 2024
Both regions are fully GDPR compliant and can serve global user and supplier networks. Infrastructure and data are physically located in their respective regions, ensuring compliance and security.
Disaster Recovery and Redundancy
We have robust processes in place to ensure business continuity and data protection:
- Frequent Backups: Regular backups of all data.
- Multi-Zone Redundancy: Ensures high availability of services.
- High-Availability Configurations: Designed to minimize downtime.
Security Best Practices
Supplios employs industry-standard best practices to secure your data:
- Encryption: All data is encrypted at rest and in transit.
- Secure Networking: Following AWS best practices.
- Object-Level Permissions: Access control on all key database records.
- Secure File Downloads: Self-expiring download links and expiring invitations.
- Continuous Monitoring: Over 500 security and privacy controls.
Reporting Security Vulnerabilities
If you have any questions or concerns about our security practices, please contact our team. If you believe you have uncovered a security vulnerability, contact our response team at security@supplios.com.
Additional Information
For more detailed information on our trust and security measures, please visit our Trust Center.