SYSFLEXSYSFLEX

Trust & Security

The evidence enterprise buyers ask for on day one.

SYSFLEX is the operating system for your business — so the trust layer ships with it. Identity, encryption, audit, residency and AI safety, evidenced from the first tenant.

Uptime target

99.9%

Monthly availability for core platform.

Severity 1 response

< 1 hour

Business-critical incidents, 24×7.

Data residency

UK / EU

Default region; per-tenant on request.

Backup retention

30 days

Encrypted, point-in-time restore.

Security pillars

What ships with every tenant.

Identity & access

  • RBAC with per-tenant roles and granular permissions
  • SSO via SAML and OAuth (Microsoft, Google)
  • Step-up auth for sensitive actions
  • Session expiry, IP allow-list and device controls

Data security

  • Encryption in transit (TLS 1.2+) and at rest (AES-256)
  • Per-tenant isolation at the data and infrastructure layer
  • Customer-managed retention windows
  • Daily encrypted backups with point-in-time recovery

Audit & evidence

  • Immutable audit log across every module
  • Tamper-proof document and e-signature trail
  • Exportable evidence packs for client and auditor review
  • Change-history view on every record

Infrastructure

  • Hosted on enterprise-grade cloud (UK / EU regions)
  • Auto-scaling with multi-AZ failover
  • Logs, traces and SLO dashboards on every workload
  • Public status page with incident history

Privacy

  • GDPR-aligned data handling and DSAR workflow
  • Subprocessor list maintained and published
  • Data minimisation by default — collect only what you configure
  • Per-tenant deletion on offboarding

AI safety

  • Your data is never used to train shared models
  • Provider-agnostic — swap underlying models per tenant
  • Audit log on every AI action across the platform
  • Human-in-the-loop guardrails on automations

Compliance posture

In place today. On the roadmap next.

We publish posture honestly. "In place" means controls are implemented; "On roadmap" means controls are aligned and the certification is in progress.

GDPR aligned

In place

DSAR workflow, lawful-basis tracking, subprocessor register.

ISO 27001

On roadmap

Controls aligned today; certification in progress.

SOC 2 Type II

On roadmap

Controls aligned today; audit window planned.

Cyber Essentials

In place

UK baseline for infrastructure and endpoint posture.

Need the security pack?

We'll send the full evidence bundle.

Subprocessor list, architecture diagrams, pen-test summary, DPA template and current posture statement — sent under NDA on request.

Request the pack