Privacy and Security Information

Our team utilizes privacy & security best-practices such as multi-factor authentication, principle of least privilege, network firewalls, private network routing, and encryption of data in transit and at rest.

Secure Hosting

XY Archive is hosted and managed within Amazon’s secure data centers and utilizes Amazon Web Services (AWS) serverless technology. Amazon continually manages risk and undergoes recurring assessments to ensure compliance with data security industry standards.

Amazon’s data center operations have been accredited under:

  • ISO 27001, ISO 27017, ISO 27018
  • SOC 1/SSAE 16/ISAE 3402, SOC 2, SOC 3
  • PCI DSS Level 1
  • FISMA Moderate
  • Sarbanes-Oxley (SOX)
  • SEC Rule 17a-4(f) (WORM compliance)

For more information, see AWS Cloud Compliance.

Encryption

All data stored through XY Archive is encrypted in transit and encrypted at rest.

Security Assessment

As part of the process of receiving approval with Google for Gmail archiving, we underwent a security assessment with Bishop Fox. The assessment included thorough internal and external penetration testing, as well as a comprehensive review of XYPN and XY Archive's security procedures and posture. We will be doing a security assessment of the entire product annually.

Security Incidents and Vulnerabilities

Security is important to us. If you've discovered a vulnerability in the software, please let us know. You can send reports of any detected or observed vulnerabilities to incident@xyplanningnetwork.com.

Still need help? Contact Us Contact Us