Site security

The security of all data is of paramount importance to Sedex. The information below details how we ensure the security of the data stored within the Sedex system.

  • System access is controlled via unique usernames and passwords.
  • Idle sessions timeout to minimise the risk of security breaches.
  • Companies are unable to view each other’s supply chains. Sedex cannot be used as a procurement  tool to search for suppliers.
  • Data can only be shared between companies in a supply chain relationship. All access to data is dependent on ownership of the data. As the owner of a site you must explicitly grant access to member companies within your supply chain.
  • Specific access to view the data can only be granted by the owner. For example, a site-level user can only view and edit information for  the site to which he/she is allocated.
  • The site-level user may grant access to a company with viewing rights (with A membership) to view information about the site, provided there is a supply chain relationship between the two.
  • All transmission of data is via Secure Socket Layer (SSL) technology to protect data using both server authentication and 128-bit encryption. This technology ensures that others cannot view data as it travels over the Internet.
  • The Sedex servers are hosted in a highly secure environment provided by a hosting services provider that uses multiple firewalls and other advanced technology to prevent outside interference or intrusions. In addition, constant monitoring ensures evaluation of emerging security developments and threats.
  • Sedex conducts intrusion tests of the system at a minimum once per year to ensure security is maximised.