Enhanced Security
Enhanced Security
Scan2x Document AI utilises industry-leading measures to safeguard data throughout the entire process.
Avantech and Scan2x are fully committed to data security, and all data is encrypted in transit and at rest at all times.
Scan2x Document AI’s security is robust and focuses on encryption, data retention and GDPR compliance. These are the key security aspects of how Scan2x processes data:
- Cloud-based processing: Scan2x Document AI operates exclusively in the cloud, using the scale and processing power of Microsoft Azure data centers. This ensures high scalability and performance for document metadata extraction.
- Encrypted data transmission: All communications between Scan2x components, including document transfer and metadata exchange, are encrypted using Transport Layer Security (TLS) 1.2. This ensures secure data transmission and prevents unauthorised access or data leakage.
- AI services on Azure: The recognition server and AI processor used by Scan2x Document AI are hosted in Azure data centers, located in the Netherlands (EU) and the United Kingdom.
- Data retention and encryption: Documents sent to the recognition server are retained for a maximum of 24 hours before being automatically deleted. Both documents and their extracted metadata are encrypted in transit and at rest, protecting sensitive information from unauthorised access.
- GDPR compliance: As the service operates in an EU- and UK-based data center, it strictly adheres to GDPR regulations. This compliance ensures that all data processing meets the strict privacy and security standards required by European and UK legislation.
- Optional use: The use of Scan2x Document AI is optional, providing control to customer administrators over which documents are processed through the cloud-based AI service. Documents are only sent to AI processing servers if they are explicitly configured for AI processing.
At Avantech, we prioritise security by implementing a multi-layered approach to safeguard our bespoke software development and cloud-based solutions. We adopt industry-standard practices, including rigorous data encryption, secure coding protocols, and regular vulnerability assessments to identify and mitigate potential threats.
Our team undergoes continuous training in cybersecurity best practices to stay ahead of emerging risks. Additionally, we utilise robust access controls and authentication mechanisms to ensure that only authorised personnel can access sensitive data.
Regular audits and compliance checks further bolster our defenses, ensuring that we maintain a secure environment for both our clients and our operations.
All tenants are hosted in West Europe, with plans for expansion to other regions, such as the UK, depending on customer demand.
Security is always front of mind during our development lifecycle. Only authorised personnel have access to code repositories. All code is centralised and all changes are logged and and can be traced back to an individual user.
Scan2x Online is tenant based thus allowing for logical segregation of client data. This ensures that the client is in full control of their data at all times and there is no risk of data bleed.
We follow standard ITIL processes to handle incidents. We log each incident within our in-house ticketing system, involving relevant stakeholders. Set resolution targets/ mediation plans and make sure they are implemented. Once a resolution to an incident is implemented it is tested to the original risk and judged accordingly.
The Scan2x Online environments are regularly subjected to independent penetration testing. These tests are organised and conducted by Canon using industry-standard techniques. If issues are found, they are reported, remediated, and retested to ensure that the fix addresses the issue.