Security & Trust
Enterprise security, built in
IXL CORE is designed to meet the security, privacy and compliance requirements of regulated industries across Africa and beyond — without you needing to bolt on a compliance layer after the fact.
Our commitments
Nine pillars of platform trust
Security and reliability are not add-ons. Every item below is designed into the platform and applies to every entity running on IXL CORE.
Security
End-to-end encryption in transit and at rest, multi-factor authentication, role-based access controls and automated vulnerability scanning.
Privacy
Personal data is processed on a need-to-know basis. Data subject rights (access, erasure, portability) are fully supported at the platform level.
Compliance
Built to meet the requirements of POPIA (South Africa), DPA 2019 (Kenya) and GDPR-equivalent frameworks — with jurisdiction-specific rule packs.
POPIA
IXL CORE ships with a POPIA compliance module: lawful-basis tracking, data-subject request management, processing records and breach notification workflows.
Disaster Recovery
Defined RPO and RTO targets with automated failover and documented recovery runbooks tested on a regular cadence.
Backup Strategy
Encrypted, geo-redundant backups taken continuously. Point-in-time restore is available for every entity, covering data and attachments.
High Availability
Multi-zone deployment with auto-scaling and load balancing — designed for 99.9 % uptime SLA with no scheduled maintenance windows.
Business Continuity
Documented BCP covering people, process and technology — so your platform keeps running even when external conditions change.
Platform Reliability
Real-time status page, incident communication via email/SMS, and dedicated support escalation paths for enterprise customers.
Shared responsibility
We secure the platform. You control access.
IXL CORE operates on a shared-responsibility model. We secure the infrastructure, application layer, data pipeline and provider integrations. You control user provisioning, role assignments, MFA enforcement and entity-level data policies — all from the admin dashboard.
Identity & Access
SSO, MFA, role-based permissions and session management — fully configurable per entity.
Audit Logs
Immutable, tamper-evident audit trail for every data access and system change.
Incident Alerts
Automated security alerts and status updates delivered to your security team in real time.
