Toggle Menu

CRM Security Policies for Aptean CRM Hosted Solution

At Aptean CRM, we recognize that the privacy, reliability and accessibility of our customers’ information is of utmost importance. We take great measures to administer a security policy that protects our customers’ key data and ensures the CRM environment is fully functional.

The Aptean CRM hosted (cloud-based) solution is hosted in Amazon’s AWS (Amazon Web Services) cloud infrastructure. AWS delivers a highly available and secure hosted CRM package with the following shared security features.

Secure Company Data

Physical CRM Security


  • AWS’s world-class, highly secure data centers utilize state-of-the art electronic surveillance and multi-factor access control systems.
  • Data centers are staffed 24/7 by trained security guards, and access is authorized strictly on a least privileged basis.
  • Environmental systems are designed to minimize the impact of disruptions to operations.
  • Multiple geographic regions and Availability Zones allow you to remain resilient in the face of most failure modes, including natural disasters or system failures.


Network CRM Security


  • Built-in firewalls: Servers reside within a Virtual Private Cloud (VPC) subnet, where the egress and ingress are controlled. Perimeter firewalls and edge routers block unused protocols.
  • Internal firewalls segregate traffic between the application and database tiers.
  • Private Subnets: The AWS Virtual Private Cloud (VPC) service adds another layer of network security to servers by creating private subnets.
  • Access to hosted resources is restricted to a small group of administrative users in order to perform maintenance and setup tasks.

Simple Scalability



  • The AWS virtual infrastructure is designed to provide optimum availability while ensuring complete customer privacy and segregation.
  • Aptean CRM hosted on the AWS environment has been achieving 99.99% up-time on a recurring basis.

Workflow Automation

Data Backups


  • Customer and system databases are backed up incrementally each night, with full backups performed weekly. Backups are stored in Amazon’s secure EC2 environment.
  • Weekly backups are made for disaster recovery and are stored in Amazon’s S3 West Coast Environment.


Server Security


  • Systems are monitored 24/7 via automated Amazon performance and outage monitoring systems with warnings and alarms set to contact the administrative group via SMS and email.
  • Access to all hosted servers is available to selected administrative users only from within the Workwise domain.

Defect Tracking

Disaster Recovery


  • Data is moved and stored on a weekly basis into a different AWS region.
  • The infrastructure is tested periodically for functionality and data integrity to make sure everything is ready if and when a disaster strikes.

Incident Management

Testing & Assessments


  • Quarterly penetration Testing performed by WorkWise.
  • Annual penetration tests performed by 3rd party vendor.
  • Application vulnerability threat assessments.

For more detailed information on the Amazon Web Service (AWS) service infrastructure, please visit the AWS site.