Trust Appspace

Our team is focused on ensuring that Appspace is the secure, fast, compliant, and reliable platform you expect. Built for the cloud, you can rely on Appspace to scale with you.

trust-bg.png
 
 
scale.png

Grow with hassle-free confidence  

Built from the ground up for the cloud, the Appspace platform is fast, secure, and grows with you. 

Built on strong foundations

Fifteen years of software optimizations, combined with an industry-leading infrastructure provide optimal performance, redundancy, and failover options around the world.

Scale globally

Appspace can quickly respond to increases in customer data and user load. This allows us to provide consistent and predictable performance, and scale in line with your business.

Hassle-free maintenance and upgrades

Cloud customers never have to worry about software or hardware updates. Appspace does the work for you and ensures that your service is always up-to-date. 

 
 
secure.png

Trust Appspace to keep you secure

Our security team ensures best practices govern how we manage your data storage and access, redundancy and failover, and more. 

 

Data storage and encryption

The Appspace platform was designed and optimized to run on separate regional hardware on which the data is stored. Hardware failures are recovered automatically, and data stored on redundant storage is backed up at least every four hours (but often it's more frequent). All data is encrypted when in transit and at rest.

Facilities access

Access to data centers is highly restricted and limited to authorized personnel only, who are verified using biometric identity technology. Physical security measures include on-premises security guards, closed-circuit video monitoring, and a host of other intrusion protection measures. Within the data center, all Appspace equipment is stored in secure hardware racks designed to be earthquake-proof.

Data centers are located in geographically diverse locations across the United States, the European Union, and Asia Pacific.

People and account access

The Appspace support team access hosted accounts and data for purposes of maintenance and troubleshooting, and only upon customer request via our support system. Within Appspace, only authorized Appspace employees have access to customer data. Authentication is via unique passphrase-protected public keys, rather than passwords, and the servers only accept incoming management connections from Appspace and internal data center locations.

All access to customer accounts or data is automatically recorded for review by our security team. The Appspace platform is designed to allow data to be accessible only with the appropriate credentials. Customers are responsible for maintaining the security of their login information.

The Appspace operations team monitors and manages the Appspace platform 24x7 from operation centers in Dallas, London, and Kuala Lumpur using several industry-leading monitoring and management tools.

Backups

All database and content backups for the Appspace platform occur at least every four hours, and backups are retained for no less than three months. All backup data is encrypted.

Privacy

Appspace understands the importance of ensuring the privacy of your personally identifiable information. For more information, please see our Privacy Policy.

 
 
compliance.png

Peace of mind from industry compliance

We adhere to widely accepted standards and regulations for testing our operations, environment, and controls - as you would expect.

 

Our Service Providers

We hold our service providers to very high standards. Data centers, co-location, and managed service providers undergo regular SOC1, SOC2 and/or ISO 27001 audits to verify their practices.

Appspace reviews the results of these audits at least annually. In the event that our findings determine any risks to Appspace or you, we work with the service provider to understand any potential impact to your data and monitor their efforts until the issue has been resolved.

In addition to software penetration testing we have performed on the Appspace platform, we only select data center providers that maintain industry-standard certifications. Appspace data centers are SOC-1 (formerly SAS 70) compliant. These certifications address physical security, system availability, network and IP backbone access, customer provisioning and problem management.

External and internal software security testing

Our security team performs automated and manual software security testing, as well as network vulnerability testing on an on-going basis to identify and resolve potential security vulnerabilities and bugs in our software.

Continuous Improvement

A key part of any information security management process is the on-going effort to improve our security and compliance programs, systems, and controls. Appspace solicits feedback from several internal teams, customers, as well as internal and external auditors to improve our security, privacy and compliance processes and controls over time.

 
 

Frequently asked questions

We get asked a lot of questions, we've gathered them together to make it easier for you to find the answers you need. This page is regularly updated, so be sure to check back for new answers.

 

Does Appspace adhere to Information security standards?

ISO27001 - The Appspace Security Team has modeled our internal security policies on the ISO27001 Certification. Certain aspects of the certification do not apply to our customer’s needs, but we are working on expanding the scope of the certification of our product and cloud services portfolio.

Will Appspace share information on its internal controls?

We have put a lot of work into implementing controls that help us meet our customer’s needs and can adjust quickly to the realities and challenges of delivering a SaaS platform. We include the controls found in external regulatory requirements and industry standards.

Who has access to user data?

For Appspace cloud users, we've outlined our approach in our Cloud Security Statement and our Privacy Policy.

Is user data encrypted?

Appspace uses TLS to protect information while in transit across the Internet. We have implemented TLS1.1 and higher to support 256bit and higher encryption, further supporting data protection.

Is TLS always used?

Yes, Appspace cloud-based systems only use TLS, for communication. In addition, and in line with Industry standards, we have removed support for SSL 3.

How are user passwords stored?

Passwords are stored in a one-way hash within the Appspace platform.

Does Appspace audit its cloud security?

We have an extensive security process that includes ongoing testing of our hosted systems.  We also undertake third party independent assessments of our platform.

Can we see the testing reports?

We are working on determining the best way to share reports and be open about our internal testing results in a way that is secure and makes sense for our customers and us.

Can we undertake our own security testing?

In line with our End User Agreement, we currently do not allow customer-initiated testing for our hosted service. We are committed to being open and will endeavor to share such information when we’ve determined the best course for doing so.

Can you complete my Security Questionnaire?

We are committed to being open and transparent and sharing as much information as we can to enable you to make your decision to use our platform. Unfortunately we are not able to answer each individual questionnaire.

What is Appspace's data privacy policy?

Please check out our latest Privacy Policy.

What responsibilities does Appspace maintain during a security incident? 

We aim to ensure Appspace users don't experience an outage or a security incident. However, an Incident Response Plan outlines the roles and responsibilities for Appspace and its users during such an event. Each plan is tailored to a specific incident type and is issued to account owners should a security incident should occur. 

 

Do you have questions?