Phocas software technical specifications

The Phocas environment is built on advanced cloud technology. Phocas environments are regularly and formally assessed against the latest best practices.

Phocas’ security health is being monitored globally to meet high standards. Phocas customers benefit from 24/7 continuous security monitoring and 24/7 incident response and forensics (IRF), performed both by Phocas and our security partners. This monitoring is designed to protect all data including highly sensitive data.

Routine updates help Phocas stay ahead of emerging threats based on comprehensive security controls including anti-virus (AV), intruder detection system (IDS), file intrusion monitoring (FIM), vulnerability scanning and log management.

Data is not written back to client ERP/CRM systems which ensures the integrity of the data in your ERP/CRM is preserved.

TLS 1.2. encryption is available to protect data against malicious 3rd parties.

With regards to data permissions, Phocas offers fine grained control of each end user’s access to data so that they can see only the data needed for their role and sensitive data can be restricted to only those who need access.

Support for LDAP and single sign on (SSO) simplifies password management and reduces the burden on customers’ IT teams.

Phocas partners follow key compliance controls common across PCI DSS, HIPAA, HITRUST and GDPR as well as frameworks such as ISO, NIST, SOC and others.

Phocas GDPR statement

Phocas completes SOC 2 TYPE I

Phocas Software, a business planning and analytics platform, announced the completion of its Service Organization Control (SOC) 2 Type I report.

The 2022 SOC2 type 1 report confirms and details the security safeguards and controls we have implemented to comply with the AICPA’s (American Institute of Certified Public Accountants) TSC (Trust Services Criteria).

Phocas SOC 2 statement

Phocas data centres are located in North America, United Kingdom and Asia Pacific.

By partnering with the world’s most advanced infrastructure providers, Phocas customers benefit from their continuous investments to safeguard stability and availability of their platforms. Our partners achieve 99.99% network uptime and Phocas regularly achieves higher than 99.5% software uptime.

Phocas has disaster recovery and business continuity plans in place to respond to incidents and to quickly recover and return to stable services for customers.

The Phocas support teams are globally located and available at all times. Like the best SaaS offerings, Phocas’ maintenance and upgrades follow a managed deployment pipeline.

Phocas is built to scale, deployed in the cloud and handles millions of records for customers.

Data from your Phocas instance to servers and back again is compressed so that data transfer time is dramatically reduced.

Incremental data updates reduce the load on ERP/CRM systems and customer networks, while full updates are available for simplicity and data integrity. Phocas offers data update schedule flexibility which allows for frequent updates when required, and it can also minimize load on ERP/CRM systems if that is important.