• Solutions

    Source

    Supplier Tender (eRFX) Supplier Negotiation (eAUC) Strategic Sourcing Management (SSM) Analytics

    Supply

    Supplier Information Management (SIM) Supplier Contract Management (SCM) Supplier Performance Management (SPM) Analytics

    Product

    Product Information Management (PIM) New Product Development (NPD) Analytics
  • Case Studies
  • Customer Feedback
  • Resources
  • Company
    About Us News Careers Partners Integrations
  • Blog
  • Contact

Data Security

SGS & UKAS

ARCUS® Supplier Management Software delivers supply base confidence through a streamlined solution for organisations across numerous industries.

ARCUS® Supplier Management Software is:

  • Trade Interchange’s proprietary Software as a Service (SaaS) platform
  • ISO 27001 accredited since 2013 and is independently penetration tested by an external security partner. View certificate
  • Cloud-based and accessed by users through a web browser
  • Implemented as zero-touch deployment with no hardware requirements
  • Supported by all major desktop and mobile browsers
  • Developed completely in-house at Trade Interchange and uses a single code base
  • Hosted by the latest Microsoft Azure technologies for security, resilience and scalability
  • GDPR compliant
  • Measured minute-by-minute for availability, and had a 99.99% uptime in 2022
  • Updated every six weeks at a platform level using agile methodology, ensuring all customers receive updates
  • Trusted by leading organisations like Sodexo, Brakes, Whitbread, NHS Professionals, and many others. See what our customers have to say.

Read on for more information…

Data confidentiality, integrity and availability are core to our products and services at Trade Interchange and we have operated an ISO 27001-accredited Information Security Management System since 2013. The system is audited annually by SGS, a UKAS-accredited auditor.

Data backups are tested regularly, and comprehensive disaster recovery scenarios are run by our dedicated Security Team to ensure our software and services are resilient as possible.

The ARCUS® platform is securely developed to OWASP standards and independently penetration tested annually by our security partner, ECSC Ltd.

Microsoft Azure Hosting Partner

Trade Interchange’s trusted hosting partner, Azure, is a globally respected hosting company with a network of data centres spanning 140 countries.

Azure data centres conform to over 100 globally recognised security accreditations and standards, including

  • ISO 270001
  • SOC
  • PCI DSS

Azure UK South and UK West Regions

Azure provides enterprise-grade cloud infrastructure on which customers and partners can rely. This includes physical elements like redundant power, networking, and cooling, as well as software elements like safe deployment processes, zero impact maintenance, and failure prediction enabled by machine learning.

Primary customer data is stored in the Azure UK South region which is also where the Trade Interchange ARCUS® platform is hosted. A secondary instance of the application and customer data is replicated in the Azure UK West region for geographic redundancy.

Azure empowers us to achieve our reliability goals and we have taken advantage of built-in features which helped us design and operate mission-critical systems with confidence—across high availability, disaster recovery, and backup scenarios.

Microsoft Defender for Cloud

Microsoft Defender for Cloud allows us to assess the security state of our cloud resources running in Azure. We can visualise our security state and improve our security posture by using Secure Score alerts and recommendations. We monitor our compliance against a wide variety of regulatory requirements using centrally managed security policies. We perform ongoing assessments using rich, actionable insights and reports to simplify compliance.

Back up, recovery and Contingency Planning

All application and customer data is backed-up in Azure using a Globally Redundant Service level (GRS). Three backup copies are stored within separate fault-tolerant locations in the local data centre and three additional copies are stored within a second data centre to provide offsite protection.
Backups are encrypted both in-transit and at rest using best-practice encryption standards.
The infrastructure as code of Azure PaaS along with Azure DevOps continuous deployment technology has transformed how we manage recovery scenarios.

Application Performance & Security

ARCUS® Supplier Management Software is developed in-house at our Teesside development and support office. The application is built on a classic n-tier architecture using a multi-tenant model. As more tenants subscribe, additional resources are added.

If you would like to find out additional information, you can complete the form below to download our IT document: