Cloud Security Statement for Xray & Xporter

Version: XB.P03.20200304.01

Effective date: 13/March/2020

Overview

Xblend cloud services (hereafter referred to as “Xblend Cloud”) are hosted and delivered by Amazon Web Services (AWS), Microsoft Azure and Digital Ocean (hereafter referred to as “Cloud Providers”). While the Cloud Providers are responsible for the security of their actual data centers, Xblend is responsible for monitoring, managing and securing the Xblend Cloud.

Facilities

The Cloud Providers are responsible for the data centers that host the Xblend Cloud. For more information about security at those data centers, please go to the appropriate links below:

• AWS: https://aws.amazon.com/security
• Azure: https://docs.microsoft.com/en-us/azure/security/azure-security-getting-started
• Digital Ocean: https://www.digitalocean.com/security/

Xblend Cloud is hosted in the United States (AWS) and Amsterdam (Azure and Digital Ocean).

Certification

The Cloud Providers are responsible for managing the security of the cloud. They have been certified by third-party organizations and are compliant with the applicable laws and regulations. The list of such certifications and compliance statements can be found  in the links below:

• AWS: https://aws.amazon.com/compliance/
• Azure: https://www.microsoft.com/en-us/trustcenter/compliance/default.aspx
• Digital Ocean: https://www.digitalocean.com/security/compliance/

Xblend is a Cloud Security-Compliant vendor of the following vendors:

• Atlassian – https://developer.atlassian.com/market/programs-and-features/cloud-security-program

Data Storage

In the Xblend Cloud, the data at rest are encrypted using industry-standard encryption. Additionally, all communications with the Xblend Cloud are protected with HTTPS using TLS.

People and Access

Within Xblend, only a few members of the team have access to the production environment for the purposes of maintaining our cloud services and assisting our customers. Additionally, we monitor all accesses to Xblend Cloud.

Customers are responsible for the security of their own login information.

Backups

Customer data are backed up once per day, and are encrypted.

Privacy

Xblend understands the importance and is committed to ensure the privacy of your personally identifiable information. For more information, please see our Privacy Policy.