Security at Axis
The safety and security of your personal and corporate confidential data is of utmost importance to us at Axis. As someone running a workshop, you want to be able to take decisions safe in the knowledge the ideas you discuss cannot be unintentionally disclosed to others - through malicious means or by accident.
As such, security is an integral part of Axis’s technology stack. We’re committed to ensuring all necessary security precautions are taken and we comply with the leading standards, security certifications and design our software and infrastructure with security at its core - especially when selecting our third party software and infrastructure providers. As such, we are ISO27001:2013 certified.
We treat workshop data with the same standards that we do personal information; it is subject to the same rigour of review and security implementation that personal information is.
Axis only uses Data Centres and Infrastructure as a Service (IaaS) providers that have SOC1, SOC2 and SOC3 reports, ISO 27001 compliance and EU-US Data Privacy Shield accreditation.
Through these programmes, all aspects of access to all data centres is strictly managed. For instance, permission is only granted to a privileged few granted with clearance, along with heavy security and monitoring. The highest end of these standards requires multiple key cards access and biometric scanning.
Other security measures will include:
- Monitoring both locally and remotely
- 24/7 security and surveillance, both physical and heat sensitive CCTV
- Restricted and verified access mechanisms
- Tried and tested multistage procedures to manage access policy
System and Network
We use established and independent services to monitor and manage all infrastructure. This ensures resilience to threats. We work on regular schedules to continually review and test the security of the platform, safeguarding it from new potential issues. Regular and detailed data audits help to uncover possible security flaws on a frequent basis and repairs and responses to occurrences are dealt with immediately. Datastore servers are behind their own firewalls, and are only available to the application they are associated with.
All Axis endpoints are protected with server authentication and authorisation procedures. This ensures that your data is safe, secure and available only to you or registered users in your organisation, with relevant permissions. The application software is written with security at the heart of it, and our development process includes steps to review security implications on any new features.
All Axis endpoints are protected by Secure Socket Layer (SSL) using 256-bit AES data encryption meaning data-in-transit is secure. Similarly, our database servers use AES-256-CBC standard to secure data-at-rest.
Customer support is provided 24/7 with a 1hr response time SLA for catastrophic issues, along with 99% uptime. Issues can be raised to us by opening the chat widget on the bottom right of this page and speaking to an operator, or send an email to firstname.lastname@example.org
Our production status is available here.
Axis’ application is both developed and hosted to manage scalability. It can accommodate fast intense increases in capacity and we are able to service thousands of users, per instance, globally. Our architecture and data stores can withstand significant traffic and information.
Our data store provides a robust, scalable storage for your web application, with the following features:
- No planned downtime
- Atomic transactions
- High availability of reads and writes
- Strong consistency for reads and ancestor queries
- Eventual consistency for all other queries
A list of Axis’s third-party processors is available in our Processors List below.
Data protection and the EU General Data Protection Regulation (GDPR)
Meed more information?
Contact us at email@example.com, or speak to us on the chat widget on this page.
|Amazon Web Services||Cloud Service Provider||EU||https://aws.amazon.com/security/|
|Atlassian||Ticketing and Documentation||EU||https://www.atlassian.com/trust/security/security-practices|
|Auth0||Authentication & Authorisation Provider||EU||https://auth0.com/security|
|Google Analytics||Session and user tracking||Global||https://support.google.com/analytics/answer/6004245?hl=en|
|Google Cloud Platform||Cloud Service Provider||US||https://cloud.google.com/security/|
|Hotjar||Site usage tracking||Ireland||https://help.hotjar.com/hc/en-us/categories/360003405813|
|Hubspot||Customer Relationship Manager||Frankfurt, Germany||https://www.hubspot.com/security|
|MongoDB Atlas||Database Hosting||EU||https://www.mongodb.com/security|
|Piesync||Syncing data between systems||US||https://www.piesync.com/legal/|
|Receipt Bank||Automated invoice processing for bookkeeping||EEA||https://www.receipt-bank.com/privacy-policy/|
|Xero||Accounting - invoice generation and sales reconciliation||EU||https://www.xero.com/uk/about/privacy/|