Cloud Security Statement

IPConfigure AWS Cloud

Overview

IPConfigure's Orchid Alto and High Availiability (HA) Fusion Hybrid and Fusion SaaS cloud services are hosted and delivered by Amazon Web Services (AWS). Amazon is responsible for the security of its physical data centers and the AWS cloud. IPConfigure is responsible for monitoring, managing and securing the IPConfigure Cloud. More information about how Amazon secure AWS can be found here.

Facilities

AWS manages data centers that host the IPConfigure Cloud. Information about how Amazon maintains security at those data centers can be found here.

IPConfigure Cloud data is hosted in a region in your close proximity for technical and security reasons. All customer data is hosted in separate, fully independent, single-tenant virtual instances.

Certification

Amazon Web Services is responsible for managing security of the cloud service they provide. AWS has been certified by third-party organizations, and manages many compliance programs to comply with laws and regulations. A list of such certifications and compliance statements can be found here.

AWS has a public SOC 3 report on Security, Availability & Confidentiality (pdf) as well as an ISO 27001 certification (PDF).

People and Access

Within IPConfigure, only a few trusted members of our Cloud Team have access to the production environment for the purposes of maintaining our cloud services and assisting our customers. IPConfigure uses independent credentials for each member of our Cloud Team with 2-factor authentication using a hardware token. Additionally, we monitor all access to the IPConfigure cloud.

Customers are responsible for maintaining the security of their own login information.

Customer Data Separation

Each customer's data is logically separated from all other customer data. IPConfigure does not offer any products or features that make your data accessible by other customers.

Data Storage

In the IPConfigure Cloud, all data in motion is encrypted following industry standards. Additionally, all communications with the IPConfigure Cloud are protected with HTTPS or SRTP using TLS and within the Cloud with VPN network connections.

Data Retention

Video data is retained on a first-in, first-out basis, consistent with your product video retention level, while you are our customer. In case you leave our service all data will be removed.

Backups

Customer configuration data (not including video) is backed up no less than once a day, and is encrypted following industry standards. Backup lifetime is 30 days.

Disaster Recovery

IPConfigure's Cloud team has a disaster recovery process in place and it is tested on a regular basis.

Privacy

IPConfigure understands the importance of ensuring the privacy of your personally identifiable information and being legally compliant to privacy laws and regulations.

IPConfigure Datacenter Cloud

Overview

IPConfigure Standard Availability (SA) Fusion Hybrid and Fusion SaaS cloud services are hosted and delivered by SOC2 Type 2, PCI DSS and HIPAA compliant data centers. The data center provider is responsible for the security of its physical data centers. IPConfigure is responsible for monitoring, managing and securing the IPConfigure Cloud.

Facilities

EdgeConnex manages data centers that host the IPConfigure Cloud. Information about how EdgeConnex maintains security at those data centers can be found here.

IPConfigure Cloud data is hosted in a region in your close proximity for technical and security reasons. All customer data is hosted in separate, fully independent, single-tenant virtual instances.

Security

IPConfigure is responsible for managing security of the cloud service they provide. IPConfigure manages internal compliance, privacy, and security programs to comply with laws and regulations.

People and Access

Within IPConfigure, only a few trusted members of our Cloud Team have access to the production environment for the purposes of maintaining our cloud services and assisting our customers. IPConfigure uses independent credentials for each member of our Cloud Team with 2-factor authentication using a hardware token. Additionally, we monitor all access to the IPConfigure cloud.

Customers are responsible for maintaining the security of their own login information.

Customer Data Separation

Each customer's data is logically separated from all other customer data. IPConfigure does not offer any products or features that make your data accessible by other customers.

Data Storage

In the IPConfigure Cloud, all data in motion is encrypted following industry standards. Additionally, all communications with the IPConfigure Cloud are protected with HTTPS or SRTP using TLS and within the Cloud with VPN network connections.

Data Retention

Video data is retained on a first-in, first-out basis, consistent with your product video retention level, while you are our customer. In case you leave our service all data will be removed.

Backups

Customer configuration data (not including video) is backed up no less than once a day, and is encrypted following industry standards. Backup lifetime is 30 days.

Disaster Recovery

IPConfigure's Cloud team has a disaster recovery process in place and it is tested on a regular basis.

Privacy

IPConfigure understands the importance of ensuring the privacy of your personally identifiable information and being legally compliant to privacy laws and regulations.

Tools & Resources

All technical specifications subject to change without notice.