Mitigate Data Risk | Mendix


Mitigate Data Risk

Governance is about optimizing value at a level of risk that is acceptable given your risk tolerance. Data risk refers to the potential threats or vulnerabilities associated with the collection, storage, processing, and transmission of your data using your Mendix applications. To mitigate data risk, you want to manage the confidentiality, integrity, and availability of the data in your applications.

How Does Mendix Mitigate the Risk of Data Breaches and Unauthorized Access?

Mendix complies with various third-party security certifications and assurance reports, as you can find in the Security section. This prevents unauthorized individuals from having access to your data. Access to your application’s data by legitimate users is managed by the implementation of user roles and the assignment of those roles to the right set of application users; more information is in the App User Risk section.

How Does Mendix Mitigate the Risk of Data Loss?

Data loss is the unintentional or accidental destruction or removal of data. Mendix helps you to mitigate the risk of data loss by providing you with capabilities to Mitigate Application User Risk. If these mechanisms fail, Mendix enables you to make automatic backups of your application data and restore those backups. For applications deployed to the Mendix Cloud, Mendix offers the possibility to have High Availability and Fallback or even Regional Fallback.

How Does Mendix Mitigate the Risk of Data Corruption?

The Security Model for Mendix applications mitigates the risk of application data corruption by allowing your developers to set validation rules on your domain model; Mendix validates these at runtime when your application attempts to commit the data.

How Does Mendix Mitigate the Risk of Compliance Violations?

Mendix complies with various third-party security certifications and assurance reports, as you can find in the Security section. In addition to this, your developers need to ensure your application design complies with regulatory requirements and industry standards that are specific to your domain.

How Does Mendix Help to Make My Application Data Available?

Mendix features an API directory called Catalog, which allows discovery and reuse of APIs. All published APIs are automatically registered in the Catalog, providing a comprehensive overview of available APIs within a Landscape. Once registered, APIs can be made discoverable to other developers by publishing them in the Catalog, facilitating easy consumption and integration. Additionally, the Catalog tracks API consumption through the Landscape View, giving insights into which applications are utilizing specific services within the landscape.

How Can Mendix Help Ensure the Data in My Applications is Auditable?

Basic auditing functionality can be implemented using our Audit Trail module. If your organization needs advanced auditing capabilities (for example, to comply with GxP and 21 CFR Part 11), we also offer the Advanced Audit Trail module. The Advanced Audit Trail enables your organization to easily implement historical traceability of changes in any Mendix application data. This not only covers the actual data mutations, but also includes contextual change information (e.g. which user and/or process initiated the change). Because Advanced Audit Trail can be leveraged across all your Mendix apps, it can be used to provide your auditors with unified, fully searchable access to the data they need to perform their role.

How are Mendix apps protected against malicious traffic? Do I need to install additional tooling to do so?

Mendix provides a Web Application Firewall (WAF), a security service that aims to block unwanted, malicious internet traffic. This is an out-of-the-box capability, and you don’t need Mendix developers to take any extra steps to get this protection. Read more about specific attack categories Mendix’s web application firewall protects against.

Can I share sensitive data via Mendix? How can I be sure that my data stays confidential at all times?

Mendix offers encryption for data at rest and in transit for app environments out of the box. For more encryption control, Mendix supports the encryption of specific columns within application databases and makes it possible to encrypt uploaded files. To learn more, refer to the dedicated Encryption section in the evaluation guide.
