At MPX, the confidentiality, integrity and availability of client data and processing services are at the core of our business. We go to great lengths to consistently meet and exceed expectations. Our information security program is built on the foundation of the NIST Cybersecurity Framework and CIS Critical Controls, with a “security first” approach to compliance.
MPX has embraced the increased security and scalability of the cloud era. Data is received and processed in our state-of-the-art Amazon Web Services processing infrastructure, and multi-region architecture provides for site resiliency in the event of a disaster affecting the primary region.
MPX maintains a redundant print production facility, which is tested annually and stocked with client materials for immediate use.
MPX undergoes an annual third-party audit to test physical and logical security controls, backup and disaster recovery plans, and application development practices. Our control environment is additionally designed to satisfy requirements for HIPAA/HITECH and PCI compliance.
MPX performs annual network and application penetration testing, and third-party hosting providers are required to provide SOC and other relevant compliance documentation.
MPX has a documented and tested disaster recovery plan that defines clear roles and processes for assessing the impact of a disaster and responding accordingly to restore services.
Employees are trained annually and throughout the year when processes change to ensure that everyone is aware, understands, and follows all documented procedures and data security requirements. New employees go through a rigorous background check and training program upon being hired. Our culture is one of significant cross-training and continuous improvement.
"I was truly impressed by their ability to respond so confidently and thoroughly to our Risk & Compliance department. They made this an easy transition."