Technology and security

Secure. Adaptable. Advanced


All of CX Group’s systems and platforms are proprietary and have been built and maintained by our in-house IT team under the governance of our CTO. 

From panel management in our ShopperHub to scheduling, program management, and quality control all the way through to client reporting portals, we maintain the locus of control over all of our technical solutions.  

3d floating cubes


Adaptable and efficient

We are able to swiftly develop new functionalities and new reporting interfaces without the barriers of lengthy approvals and decision-making. We can be nimble and efficient in how we grow our capabilities and offerings.  

Secure and advanced

At CX Group, we take data security very seriously. We follow and practice the daily requirements of PCI DSS on all our systems.  

Some of the measures we have in place within our systems include:  

  • Encrypting data at rest within our database environment using transparent data encryption, using AES 256 to encrypt sensitive columns of data within our database environment 
  • Encrypting all database backups with AES 256, deploying software-based disk encryption to all company equipment 
  • Utilizing Arctic Wolf as our log management and security analytics platform

  • Deploying web application firewalls, data loss prevention monitoring, and anti-virus software across all systems 

Glasses resting on keyboard



Upgraded system, processes, and policies

We upgraded our entire system, processes, and policies in the fall of 2022, and this is now continually monitored and updated with the support of an outside auditing agency.

In accordance with Payment Card Industry Data Security Standards (PCI DSS) requirements, CX Group has established a formal policy and supporting procedures concerning storage, distribution, and classification. This policy will be evaluated on an annual basis ensuring its adequacy and relevancy regarding CX Group's needs and goals.

CX Group will ensure that the Media Storage, Distribution, and Classification Policy adheres to current conditions for purposes of complying with the PCI DSS initiatives (PCI DSS Requirements and Security Assessment Procedures, Version 3.1). This policy and supporting procedures are designed to provide CX Group with a documented and formalized information security policy in accordance with Requirement 12.1 of the PCI DSS standards. 

Additionally, this policy also serves as the organization’s primary, enterprise-wide information security manual. Compliance with the stated policy and supporting procedures helps ensure the safety and security of all CX Group system components within the cardholder data environment and any other environments deemed applicable.