Security at the core of every payment
Handling your vendor payments and GL data is a responsibility we take seriously. Here's how we protect your financial workflows at every layer.
Security pillars
Designed with the controls that enterprise finance teams expect.
Encryption
All data encrypted at rest (AES-256) and in transit (TLS 1.3+). ERP credentials are stored in isolated vaults, never in application databases.
Access Controls
Role-based access with multi-factor authentication. Approval workflows enforce four-eyes on disbursements. No backdoor admin access to customer data.
Audit Trail
Immutable log of every document action, approval decision, and payment instruction. Timestamps, user IDs, and IP addresses retained for 7 years.
Vendor Vetting
New vendor additions require documented approval. Bank account change requests trigger secondary confirmation to prevent ACH fraud patterns.
Infrastructure
Hosted on AWS us-east-1 with automated backups, point-in-time recovery, and multi-AZ failover. No data stored on client-side devices.
SOC 2 Controls
Designed with SOC 2 Type II controls in mind. Our security team follows the Trust Services Criteria for security, availability, and confidentiality.
Your ERP data stays where it belongs
Apvyne reads invoice and GL data from your ERP to process approvals and route payments. We don't store raw financial data longer than necessary for the workflow step in progress. Your ERP is the system of record — always.
Questions about security?
Our team can walk you through our security posture, data handling architecture, and controls documentation.