Maytech Public Documentation
Space shortcuts
Skip to end of metadata
Go to start of metadata

Do Maytech provide audit and monitoring of access to the system and data?

Yes. Comprehensive audits logs are available and all user activity is tracked.

How does the solution authenticate users to prevent unauthorized access?

Describe the security applied to the database to prevent unauthorized access to data.

Username and strong password and 2FA.
Role-based access control.

Within the application, and the supporting infrastructure, describe how administrator actions are logged and recorded, including details of how long these audit logs are stored for.

Where Maytech are instructed to access any data (regardless of whether it is personal data or otherwise), all such access is logged with information identifying the Maytech's personnel accessing the data and setting out the date and time of access. Access logs are maintained for 12 months and can be downloaded and stored by the Customer at that time.

What is your review processes, manual or automated, for event and application logs generated within the solution?

Maytech’s approach to log management is controlled by ISMS OP 22 - Logging and Audit Trails Policy.

Maytech conduct an ongoing collection and retention of a record of user activities on or with Maytech, including:

  • Log-in attempts.

  • Password changes.

  • File creations, changes and/or deletions.

All audit entries are time-stamped with entries recorded as GMT dates and times. Clock synchronisation is uniform on all servers to ensure timestamps are consistent across all logs to avoid any time discrepancies which may cause issues for any subsequent forensic activities.

All logs are reviewed periodically (minimum at least monthly) to identify any unauthorized access to the systems.

Retention of audit files is for at least 12 months.

If required, what methods and formats are available for a Customer to export a copy of data?

The account owner has access to all the data so can take a copy of all your data at any time.


  • No labels