Securing Your Data
Multi-tenant platform security
XBAND uses multiple redundant, enterprise-class firewall systems to help prevent unwarranted intrusions and to help ensure only authorized users access your cloud environment. This purpose-built security system integrates firewall, VPN and traffic management.
We also run multiple intrusion protection systems (IPS) (both host and network) to help detect and deter malicious network traffic and computer usage that often cannot be caught by a conventional firewall. The system monitors for unusual traffic patterns and alerts system administrators of any suspicious behavior.
IPS can also help prevent network attacks against vulnerable services; data driven attacks on applications; host-based attacks such as privilege escalation; unauthorized logins and access to sensitive files; and malware (e.g. viruses, Trojan horses, and worms).
Each of XBAND’s world-class datacenters adheres to strict standards in physical security. Each datacenter is closely monitored and guarded 24/7/365 with sophisticated pan/tilt closed-circuit TVs. Secure access is strictly enforced using the latest technology, including electronic man-trap devices between lobby and datacenter, motion sensors and controlled ID key-cards. Security guards are stationed at the entrance to each site.
Every XBAND employee, regardless of role, undergoes a rigorous background check. Employee access to passwords, encryption keys and electronic credentials is strictly controlled using two-factor authentication and role-based access control. Access to servers is restricted to a limited number of authorized engineers and monitored regularly.
Redundant internet service providers
Each of our datacenters is serviced by multiple Tier-1 internet providers to help mitigate the potential impact of a Denial of Service (DoS) attack on any single provider.
Authentication and access
XBAND has established a number of stringent policies and procedures to authenticate a caller’s identity during support and service calls. These policies and procedures help protect confidential information belonging to your account and to your users by helping to ensure that only authorized members of your team are given access to our services. In addition, our online control panel enables administrators to fully control access to services and administrative functions.
Dedicated security staff and monitoring
XBAND employs dedicated, full-time security staff who are certified in information security. This team is involved with all aspects of security, including log and event monitoring, incident response, managing intrusion detection systems (both host and network), perimeter defense, service and architecture testing, and source code reviews.
XBAND is registered and certified with the US Department of Commerce for privacy under the Safe Harbor program. This stringent set of requirements ensures any certified provider has established an in-house program, identified a privacy officer, met all the provisions for proper disclosure of its privacy practices, and offers mechanisms for feedback, opting out, and dispute resolution.
Audit report: SOC 2 certification
XBAND has a SOC 2 audit report from an independent auditor who has validated that, in their opinion, our controls and processes were effective in assuring security during the evaluation period. XBAND is audited company-wide, not just at the datacenter level. Additionally, while some service providers may only choose to be audited against one or two of the five trust service principles (security, availability, processing integrity, confidentiality and privacy), XBAND has been audited against all five.
The payment processing system utilized by XBAND has passed the strict testing procedures necessary to be compliant with the PCI Data Security Standards (PCI DSS). This helps ensure that your payment information will not be accessed by unauthorized parties or shared with unscrupulous vendors.