.png){kind=small}
THE SERVICE PLATFORM YOU CAN TRUST
Xaana delivers the highest security and privacy measures, to keep your data safe.
Security, privacy and compliance are the foundations of our platform.
01
Organisational Security
Security has been and will always be our top priority at Xaana. All our employees undergo mandatory security, compliance, and privacy training as part of their induction process.
Even though each individual's involvement may vary depending on their role, security is at the heart of everything we do at Xaana.
02
Architectural Security
Logical security
Multifactor Authentication
​
We recommend that customers use multifactor authentication (MFA). Xaana allows customers to bring in their own MFA provider that is backed by the TOTP (time-based one-time passcode) algorithm. With this setup, customers can easily integrate MFA providers with Xaana's login. Xaana also allows end users of customers to receive a one-time passcode delivered via an email-to-SMS gateway mechanism.
​
Step-Up Authentication
​
If someone leaves their console open or multiple users access Xaana from the same device, organizations that use SAML as an authentication type can secure against unauthorized access by identifying critical items within Xaana. This allows customers to force a secondary authentication factor that users must enter to access those items.
Xaana Native Login
​
For customers who wish to use our native login, Xaana only stores our Xaana password in the form of a secure hash as opposed to the password itself. Unsuccessful login attempts are logged as well as successful login/logout activity for audit purposes. Inactive user sessions are automatically timed out after a specified time, which is customer configurable by the user.
03
Operational Security
Physical Security
​
Our data centres adhere to the strictest physical security measures including, but not limited to, the following:
-
Multiple layers of authentication for server area access
-
Camera surveillance systems at key internal and external entry points
-
24/7 monitoring by security personnel
Network Security
​
Xaana has established detailed operating policies, procedures, and processes designed to help manage the overall quality and integrity of the Xaana environment.
Network IPSs monitor critical network segments for atypical network patterns in the customer environment as well as the traffic between tiers and services.
Application Security
​
Xaana has implemented an enterprise Secure Software Development Life Cycle (SDLC) to help ensure the continued security of Xaana applications.
Xaana delivers solutions engineered with built-in security to help you meet the most rigorous governance, compliance, trust and requirements.
Secure access
Bank-grade encryption
Audit completeness
Certifications & accreditations
As cyber attacks continue to rise and plague organisations, having the knowledge that your data security is being taken care of by a trusted partner is essential. This gives you the ability to focus your time and resources on your core business.
​
Xaana acquired the ISM certification to follow international best practice to mitigate threats and create a global policy framework which allows us to include security as part of the design process.
SOC 1 & 2 Audit Complete
We are proud to announce that we completed our SOC 2, Type 1 Audit and are compliant with AICPA's Trust Service Criteria for Managed Service Providers. This means that our systems have the highest levels of security in place to protect your company's private and sensitive data.
​
With the growing risks of cyber security attacks, it's essential you choose an Information Technology Partner you can trust. We conducted the SOC Audit to reinforce that we provide the best IT services in Australia and will continue to do whatever it takes to keep our partners' trust.
Request Access to Our Documents
Get started with Xaana's Secure Data Platform
Our team is here to help. Provide us with your details and we will get back to you as soon as possible.