Security
Xyte is committed to keeping our customers’ data secure. We constantly implement the strictest security measures to ensure your data is kept safe.
Overview
Xyte’s security model and controls are based on international standards and industry best practices. Our systems are hosted on Amazon Web Services (AWS), ensuring that your data is available whenever you need it. AWS employs leading physical and environmental security measures, resulting in highly resilient infrastructure. Learn more about AWS’ security practices.
The Connect+ Edge application is a Docker container with limited access to machine resources to ensure maximum compartmentalization.
Data Availability & Integrity
Xyte runs in multiple zones, providing continuous service with minimal downtime. All data is continuously backed up to allow fast and full recovery in case of erasure or alteration. Xyte’s SLA policy is available upon request.
Data Encryption
Xyte encrypts all data both in flight and at rest so no unauthorized third party can gain access to your or your customers’ data.
- All outgoing communication to the Connect+ Edge Server is TLS 1.3 encrypted and using a custom SSL Certificate.
- All Xyte Servers are hosted in AWS and have full TLS 1.3 encryption on all intra cloud communications.
- The data is stored on AWS hosted Postgres, Redis and ClickHouse servers. Continuously monitored, backedup and fully encrypted at rest.
Resiliency
We keep our systems rigorously up to date, blocking any attempts to take advantage of known vulnerabilities, and running penetration tests on a regular basis.
Privacy by Design
We follow Privacy by Design principles that govern the treatment of data exposed to Xyte. These are applied worldwide and reflected across the company in development plans, business plans, and day-to-day operations.
Certifications
SOC2
Xyte consistently maintains, enhances, and reviews its security-related controls to ensure alignment with SOC 2 compliance standards. These controls cover physical and logical access, operational environment, risk assessments and mitigation, system operations, change management, and information security. Yearly review by EY ensures compliance to all Policies and a yearly report is generated.
GDPR & DPA
Xyte supports its customers in achieving compliance with the General Data Protection Regulation (GDPR), including a data processing agreement (DPA) to comply with article 28 of the GDPR.
CCPA
Xyte is fully CCPA compliant - The California Consumer Privacy Act is a state statute intended to enhance privacy rights and consumer protection for residents of the state of California in the United States.
Updated about 10 hours ago