Cloud Security Statement for Xray & Xporter
Effective date: 13/March/2020
Xblend cloud services (hereafter referred to as “Xblend Cloud”) are hosted and delivered by Amazon Web Services (AWS), Microsoft Azure and Digital Ocean (hereafter referred to as “Cloud Providers”). While the Cloud Providers are responsible for the security of their actual data centers, Xblend is responsible for monitoring, managing and securing the Xblend Cloud.
The Cloud Providers are responsible for the data centers that host the Xblend Cloud. For more information about security at those data centers, please go to the appropriate links below:
- AWS: https://aws.amazon.com/security
- Azure: https://docs.microsoft.com/en-us/azure/security/azure-security-getting-started
- Digital Ocean: https://www.digitalocean.com/security/
Xblend Cloud is hosted in the United States (AWS) and Amsterdam (Azure and Digital Ocean).
The Cloud Providers are responsible for managing the security of the cloud. They have been certified by third-party organizations and are compliant with the applicable laws and regulations. The list of such certifications and compliance statements can be found in the links below:
- AWS: https://aws.amazon.com/compliance/
- Azure: https://www.microsoft.com/en-us/trustcenter/compliance/default.aspx
- Digital Ocean: https://www.digitalocean.com/security/compliance/
Xblend is a Cloud Security-Compliant vendor of the following vendors:
In the Xblend Cloud, the data at rest are encrypted using industry-standard encryption. Additionally, all communications with the Xblend Cloud are protected with HTTPS using TLS.
People and Access
Within Xblend, only a few members of the team have access to the production environment for the purposes of maintaining our cloud services and assisting our customers. Additionally, we monitor all accesses to Xblend Cloud.
Customers are responsible for the security of their own login information.
Customer data are backed up once per day, and are encrypted.