Security Policy
Keeping our clients' data secure is an absolute top priority at Xassist. Our goal is to provide a secure environment, while also being mindful of application performance and the overall user experience.
Data Center Security
Amazon Web Services (AWS) maintains an impressive list of reports, certifications, and third party assessments to ensure complete and ongoing state-of-the-art data center security (https://aws.amazon.com/compliance/programs). They have many years of experience in designing, constructing, and operating large-scale data centers.
AWS infrastructure is housed in Amazon-controlled data centers throughout the world. Only those within Amazon who have a legitimate business need to have such information know the actual location of these data centers, and the data centers themselves are secured with a variety of physical controls to prevent unauthorized access. More information on AWS data centers and their security controls can be found here: https://aws.amazon.com/compliance/data-center/data-centers
Application Security
All Xassist web and mobile application communications are encrypted over 256 bit SSL, which cannot be viewed by a third party and is the same level of encryption used by banks and financial institutions. All data for Xassist is encrypted at rest using AES-256 encryption.
Xassist maintains ongoing PCI compliance, abiding by stringent industry standards for storing, processing and transmitting credit card information online.
Xassist actively monitors ongoing security, performance and availability 24/7/365. We run automated security testing on an ongoing basis. We also contract a third party for penetration testing.
Infrastructure Security
Xassist's infrastructure is hosted in a fully redundant, secured environment, with access restricted to operations support staff only. This allows us to leverage complete data and access segregation, firewall protection, and other security features.
Security Policy
Xassist employs strict security standards and measures throughout the entire organization. Every team member is trained and kept up to date on the latest security protocols. We regularly undergo testing, training, and auditing of our practices and policies.