Guides

Security

Xyte is committed to keeping our customers’ data secure. We constantly implement the strictest security measures to ensure your data is kept safe.

Overview

Xyte’s security model and controls are based on international standards and industry best practices. Our systems are hosted on Amazon Web Services (AWS), ensuring that your data is available whenever you need it. AWS employs leading physical and environmental security measures, resulting in highly resilient infrastructure. Learn more about AWS’ security practices.

The Connect+ Edge application is a Docker container with limited access to machine resources to ensure maximum compartmentalization.

Data Availability & Integrity

Xyte runs in multiple zones, providing continuous service with minimal downtime. All data is continuously backed up to allow fast and full recovery in case of erasure or alteration. Xyte’s SLA policy is available upon request.

Data Encryption

Xyte encrypts all data both in flight and at rest so no unauthorized third party can gain access to your or your customers’ data.

  1. All outgoing communication to the Connect+ Edge Server is TLS 1.3 encrypted and using a custom SSL Certificate.
  2. All Xyte Servers are hosted in AWS and have full TLS 1.3 encryption on all intra cloud communications.
  3. The data is stored on AWS hosted Postgres, Redis and ClickHouse servers. Continuously monitored, backedup and fully encrypted at rest.

Resiliency

We keep our systems rigorously up to date, blocking any attempts to take advantage of known vulnerabilities, and running penetration tests on a regular basis.

Privacy by Design

We follow Privacy by Design principles that govern the treatment of data exposed to Xyte. These are applied worldwide and reflected across the company in development plans, business plans, and day-to-day operations.

Full Privacy Policy.

Certifications

SOC2

Xyte consistently maintains, enhances, and reviews its security-related controls to ensure alignment with SOC 2 compliance standards. These controls cover physical and logical access, operational environment, risk assessments and mitigation, system operations, change management, and information security. Yearly review by EY ensures compliance to all Policies and a yearly report is generated.

GDPR & DPA

Xyte supports its customers in achieving compliance with the General Data Protection Regulation (GDPR), including a data processing agreement (DPA) to comply with article 28 of the GDPR.

CCPA

Xyte is fully CCPA compliant - The California Consumer Privacy Act is a state statute intended to enhance privacy rights and consumer protection for residents of the state of California in the United States.