The CINX system is divided into multiple servers, each with their own level of security. Each web site is protected by a PKCS #1 SHA-256 With RSA Encryption SSL certificate, to encrypt traffic over the wire. Access to the underlying databases is to a small set of IP addresses that, in addition to their own login and password, further ensure data security. For a user or process to access the data in the system, either via the user-facing web site at https://secure.cinx.com or via the API, there are additional layers of security:
- The encrypted connection must pass valid, active user credentials to the server to be authenticated as that person.
- The account associated with the credentials needs to be granted access to the specific organization.
- The account, within the organization, needs to be granted access to specific resources within the organization.
- Additionally, many features of the system require that the organization have a valid and active subscription to access that feature; without it, access is once again denied.
- Nearly all object id's are system generate GUIDs, rather than sequential (predictable) numbers.
System data is backed up and vaulted by our data service provider on, at minimum, a daily basis, on an encrypted path that requires a different set of credentials to access.