Price f(x) achievements in quality, professionalization and IT security
Providing our customers with a comprehensive pricing solution as a hosted Software-as-a-Service – such as Price f(x) – is a big responsibility, esp. when our customers’ data stored in an online environment are as sensitive and strictly confidential as pricing and margin information can be. Hence quality, security, performance and reliability of our service clearly is one of the prime focuses of everything we do.
Better safe than sorry
Price f(x) servers are repeatedly security tested by 3rd parties, the last one occurred between January and May this year.
We often are confronted with security concerns and several of our customers are asking for permission to challenge us as part of the evaluation or due diligence phase. Those penetration tests are typically performed by specialized IT security companies, which at the time of the attack are unknown to us and which act on behalf of our current or prospective customers.
Also the most recent pen test has been performed in the name and upon request from one of our larger current customers in North America. We agreed to undergo a long and totally random series of various attempts to penetrate or uncover all possible security vulnerabilities. This particular attack has been performed by WhiteHat Security.
From 62 different tests aimed to damage or break our service and to steal valuable data, only 2 issues of lesser importance were identified, which we consider a major success. Both issues have been resolved within a day – and one of them was even unrelated with the Price f(x) service and only affected our public homepage. This is only one of many such tests in the past five years and as an outcome of that, we’ve invested a lot of effort and resources into making our solution as secure as it can get.
Formalizing our quality and IT security addiction
In the past 12 months Price f(x) has been preparing and testing to undergo a certification of our recently established Quality Management System based on the ISO 9001 and IT Security Management System based on the ISO 27001 norm. We are exhausted but very, very happy to announce that all that effort has been worth it and resulted in a flawless certification without a single non-conformity.
This milestone is particularly important not only for our company to maintain high quality and productivity of work, but also for our customers as a proof that we work in compliance with the highest managerial standards. Customers’ satisfaction and loyalty are key objectives we want to achieve while delivering our valuable SaaS pricing solution.
Why ISO makes a difference
Without a doubt, gaining ISO certification was a demanding process with days and weeks spent on assembling and creating documentation and brainstorming workflows, diagrams and flowcharts. On the other hand, this process helped the company to re-assure that the fundaments and operational processes are set right to support Price f(x)’s growth in the global market.
“The aspect of the recent certification effort I’m happiest with – said Marcin, CEO – is that we’ve managed to create a living, actionable, interactive and collaborative quality handbook and data repositories that not only will improve and secure the highest quality standards at Price f(x) but also will help with the onboarding of new employees and partners as well as provide a full and instant transparency to our systems and processes at any point of time. The old days of printed paper quality handbooks, that are taken care of and revised every three years prior to the re-certification, have no space and justification in a modern organization like Price f(x)”.