Security

The MX.3 platform manages and protects critical, confidential client data.

Murex develops solutions, processes, and recommendations to safeguard client data and mitigate security breach risks.

Information security is essential to clients. Information security strategy is also central to Murex’s business and internal functions. Murex information security strategy focuses on multiple requirements. These include client data confidentiality, product security features and software security engineering. Murex ensures appropriate security controls are in place to meet relevant information security standards and aids clients in meeting their own compliance standards.

MX.3 integrates identity management, authentication and fine-grained authorization with role-based access control. The platform supports multifactor authentication (MFA), single sign-on (SSO) and security assertion markup language (SAML) authorization to allow for interoperability with centralized access management systems.

Murex clients leverage the four-or-more-eyes principle and audit capabilities on sensitive data changes to comply with security policy. MX.3 implements encryption in transit and at rest and supports industry standard algorithms.

The security mindset is inherent in the MX.3 software development life cycle at every step. Murex leverages a scaled agile framework with continuous code review and static code analysis. Security reviews and penetration tests are performed regularly to identify potential vulnerabilities. Remediation of eventual findings takes place prior to MX.3 releases. 

To deploy MX.3 securely at the customer site or on the cloud, Murex provides clients with a secure deployment guide and continuous assistance for security related topics.