Security Best Practices
Updated over 2 weeks ago

User Access

We recommend that clients implement the following processes to manage access to FundApps’ platform:

  • Provisioning processes, to ensure users granted access to the FundApps platform are authorised to have it and are given an appropriate role and scope.

  • De-provisioning processes, to ensure users who are no longer authorised to access the FundApps platform have their access revoked in a timely fashion.

  • Regular access reviews, to ensure there haven’t been any exceptions to the two previous processes, that all access is still required (e.g., all users have logged in to the FundApps platform in a recent time period), and that it is still adequate in terms of privileges and scope.

The privileges granted to each role in the FundApps platform are listed in this article.

Sharing Files & Screenshots

In your e-mail correspondence with FundApps, please do not attach confidential information such as entire upload files used in your FundApps production environment or passwords. If in doubt, please consult us beforehand.

Additionally, to protect confidential information, please make sure that you mask sensitive information in screenshots (e.g., ISIN, Quantity held, % holding). Please do not share security identifiers (e.g., instrument names, issuer names) but instead provide us with IDs. These are more specific and do not expose security or asset-level information.

IP Restrictions

If you have decided to apply IP restrictions to your FundApps environment, please inform us of any changes to your production and Disaster Recovery IPs. Failing to do so could impact the availability of the FundApps platform to your users.

Restricted Email Domains

As with IP restrictions, please inform us of any changes to the list of email domains to which your FundApps platform should be restricted.

Audit Trail

All actions that modify the application or its users, including data extraction or uploading and changes affecting rule-checking or disclosure processes, are logged to the audit trail (under Admin > Audit Trail).

Users who have been granted Administrator privileges can access this audit trail. In case of abnormal activity in the platform, these users can review or export these audit trails to identify abnormal behaviours.

Third-Party Security Assessment of FundApps

FundApps has selected the Cloud Security Alliance (CSA) STAR Self-Assessment to convey our current security practices. This questionnaire maps each of its 310 questions to 35 different security standards, including ISO 27001 and SOC 2. You can find FundApps’ self-assessment on the Cloud Security Alliance website and our Trust Portal.

Furthermore, FundApps holds a SOC 2 Type II Report, which is also available at the above link.

Single Sign-On

FundApps recommends clients implement Single Sign-on to the FundApps platform for enhanced security and the best user experience for the client’s users.

This article provides instructions on how to set up Single Sign-On. If Single Sign-On isn’t a viable option, clients should implement two-factor authentication.
