|
|
Security is afforded the highest priority by Currenex; we have implemented comprehensive security measures at every step of the trading process to ensure the complete protection of user data and full member confidentiality. Currenex uses strong encryption protocols - including digital certificates used by most major financial institutions for electronic funds transfer - to protect client trade data and bring real-time visibility to the entire trading process.
All activity on Currenex's services is controlled through strict authentication and authorization procedures. To meet stringent compliance requirements, front and back office duties are completely segregated.
Permissioning
Currenex provides several levels of permissioning to achieve separation and ensure strong, auditable procedures. Clients can choose to restrict individual User IDs to specific system functions, including the limiting of trading activity by type or dollar amount. Similarly, clients can restrict back office staff from performing front office functions without proper authorization. Once user accounts are established, ongoing maintenance is controlled by your own system administrator.
Exchange Security
Currenex works tirelessly to ensure that members enjoy secure electronic communications. In order to achieve this, Currenex is focused on three key factors:
- Authentication - confirming and identifying users
- Message integrity - ensuring communications are not altered in any way
- Message privacy - encrypting each message to maintain confidentiality
Currenex employs a two-factor authentication model that requires users to present a valid digital certificate, unique User ID and password to log on to Currenex's services. In order to maintain the integrity and confidentiality of communication to our clients, all connections to Currenex's services are conducted across mutually authenticated 128-bit RC4 encrypted SSL sockets.
Data Center Security
Currenex maintains a primary and secondary data center, each in geographically independent environments, managed by different service providers. Both centers employ strict on-site security controls, including 24/7 staffing, sensors, intrusion alarms, biometric scanning of technicians, and video surveillance systems. Furthermore, to ensure high availability and scalability of our services, Currenex has built the trading infrastructure with multiple redundancy to ensure no single point of failure. These provisions include:
- Multi-homed ISPs for redundant network connections
- Redundant routers and load balancers
- Multiple application servers for web access and business logic
- An enterprise-class database, with redundant subsystems
- UPS protection and onsite power generation capability through diesel generator backups
- Rapid failover capability between primary and secondary data centers
In addition to physical network security, Currenex employs extensive network security defences including:
- Redundant firewall systems
- Multiple intrusion detection facilities
- Host integrity monitors
- Real-time third party security monitoring
|
|
