Sharing data with us shouldn’t require compromising your network security. Secure Data Bridge is a lightweight agent that runs inside your environment and sends approved data to us over an encrypted connection — without opening any inbound access to your systems.
You stay in control of what is shared, when it is sent, and from which systems. We never reach into your network.
How it Works
A small agent is installed within your environment. It connects to the specific SQL Server database tables you configure, then pushes that data to our secure cloud endpoint over HTTPS (Hypertext Transfer Protocol Secure is a secure version of HTTP that encrypts data exchanged between a user's browser and a website using SSL/TLS to protect privacy and integrity). Transfers are handled in batches, making the process reliable even for large datasets — with built-in checkpoint recovery if a sync is ever interrupted.
Your team controls where the agent is installed, which database it can access, and which tables are included in the transfer.
There is nothing inbound. The agent calls out to us; we do not call in to you.
Why This Approach?
Traditional data integrations often require you to open firewall rules and maintain IP allowlists for vendor systems. That means more coordination, more attack surface, and ongoing dependency on network exceptions. Secure Data Bridge works the other way around:
- No inbound firewall changes required. The agent initiates all connections outbound from your network.
- You control the scope. The agent only accesses the specific tables you define.
- You control the schedule. Data is transferred on your terms, not by granting standing outside access.
- Faster security reviews. The outbound-only, least-access design is simpler to evaluate and approve.
In practice, this approach reduces networking overhead and creates a cleaner separation of responsibilities between your environment and ours.
Security Details
- Connection direction: Outbound only — the agent calls our endpoint. No inbound access to your database or private network is required.
- Encryption: All data is transmitted over HTTPS with TLS 1.2 or higher.
- Certificate verification: The agent validates the destination certificate before sending any data. Custom CA bundles are supported.
- Authentication: Bearer token authentication ensures only authorized agents can submit data.
- Data scope: The agent reads only the tables explicitly listed in its configuration — nothing broader.
- Reliable transfers: Interrupted syncs resume from the last confirmed batch. No data duplication, no full restarts.
Benefits
- No need to expose internal databases to external connections.
- No firewall exceptions or production IP allowlists to maintain.
- Clear, auditable control over what data is shared.
- Simple deployment with a lightweight local agent.
- Reliable transfer of large datasets with automatic resume on interruption.
Summary
Secure Data Bridge is a secure, customer-controlled alternative to traditional vendor pull models. Instead of requiring access into your private network, it allows approved data to be securely pushed from within your environment over an encrypted connection.
The result is a simpler, lower-exposure, and more operationally practical way to share data with Epicor.
For deployment requirements or security documentation, please contact your Epicor account team.