Security & Trust at Intixus Technologies

Last updated: February 2026

Overview

Intixus Technologies is committed to protecting the security and confidentiality of:

  • Customer data processed through our ERP, AI, automation, and cloud products
  • Partner and affiliate data shared in the course of business
  • Website visitor data collected through our public site
  • Product infrastructure that powers our SaaS and on-premise deployments

We implement industry-aligned security controls and continuously improve our practices to meet Indian regulations and international best practices.

Infrastructure Security

  • Secure hosting environments: Production systems run on trusted cloud and hosting providers with robust physical and network controls.
  • Firewall protection: Network firewalls restrict access and monitor traffic.
  • Encrypted communication: All data in transit uses HTTPS and TLS 1.2 or higher.
  • Role-based access control: Access to systems and data is restricted by role and need-to-know.
  • Secure API architecture: APIs use authentication, rate limiting, and input validation.
  • Database isolation: Production databases are isolated and access-controlled.
  • Server monitoring: Systems are monitored for anomalies and unauthorized access.

Application Security

  • Secure coding practices: We follow secure development guidelines and code review processes.
  • Input validation: User inputs are validated and sanitized to reduce injection risks.
  • CSRF protection: Forms and state-changing operations use anti-CSRF measures.
  • SQL injection prevention: Parameterized queries and ORMs are used to prevent SQL injection.
  • Regular updates and patches: Dependencies and components are updated for known vulnerabilities.
  • Logging and monitoring: Security-relevant events are logged and monitored for investigation.

Data Protection Controls

  • Data encryption at rest: Where technically feasible, sensitive data is encrypted at rest.
  • Encryption in transit: All external data transfers use TLS.
  • Access control policies: Access is granted on a need-to-know basis and periodically reviewed.
  • Secure backups: Backups are stored securely and tested for recoverability.
  • Data minimization: We collect and retain only data necessary for service delivery and legal compliance.

Incident Response

We maintain an incident response process that includes:

  • Incident detection: Monitoring and alerting to identify potential incidents.
  • Containment: Steps to limit impact and prevent further exposure.
  • Investigation: Root cause analysis and evidence preservation.
  • Notification: Where required by applicable law (including the DPDP Act 2023 and sector-specific regulations), affected individuals and authorities are notified in accordance with prescribed timelines.

Responsible Disclosure

We welcome reports from security researchers. If you discover a vulnerability, please report it responsibly. See our Responsible Vulnerability Disclosure page for details.

For security inquiries: security@intixus.com