• How do I know that my data is safe if I host it with you?
    We take data security and privacy very seriously here at Inflectra. Each hosted instance of SpiraTest, SpiraPlan, SpiraTeam or KronoDesk runs in its own completely isolated application pool, with a separate database instance. That way the data in each customer's instance is completely separate from all other customers. In addition, we use the following proven measures to ensure data security:
    • Secure Sockets Layer (SSL) for all network traffic
    • Integrated biometric/card access control to datacenter
    • Multi-level redundant firewalls
    • Antivirus, anti-spyware and rootkit prevention software
    • Security staff on patrol 24 hours a day, 7 days a week
       
  • How often is my application data backed-up?
    As part of the Inflectra Hosting Terms of Service we maintain hourly backups of your SpiraTest, SpiraPlan, SpiraTeam or KronoDesk data, with the backups stored at an offsite, remote location for extra security. We retain 10 days of snapshots of the data.
     
  • Where is your data center?
    • We use Amazon Web Services (AWS) global infrastructure for the SaaS version of our products.
    • We have hosting currently available in six regions (USA, EU, Canada, India, Singapore, and Australia).
    • All of our AWS Cloud Hosting includes  SSAE 16 certification, with high performance separate AWS EC2 web and database instances for maximum performance.
    • All data storage is maintained on high speed SSD encrypted fault-tolerant AWS EBS storage with auto-snapshotting.
       
  • What Service Level Agreement (SLA) do you offer?
    The service level agreement (SLA) for our hosting service is described in Exhibit A of the Inflectra Hosting Terms of Service . If you have any questions about our SLA, please contact sales@inflectra.com and one of our talented sales staff will be happy to assist you.
     
  • What security and reliability features do you have in place?
    The servers used to host your SpiraTest, SpiraPlan, SpiraTeam or KronoDesk instance use the following security features: In addition, the data center includes:
    • Secure Sockets Layer (SSL) for all network traffic
    • Multi-level redundant firewalls
    • Antivirus, anti-spyware and rootkit prevention software
    • 3 x OC48 connectivity
    • Power Density (W/sf) = 67
    • Heating, ventilation and air conditioning (HVAC) systems
    • Very early smoke detection alarm (VESDA) and dual interlock fire suppression systems
    • Seismically braced facilities and racks
    • Uninterruptible power supply (UPS) with automatic power transfer bridge system
    • Integrated biometric/card access control
    • 24/7 CCTV video surveillance and recording
    • Security staff on patrol 24 hours a day, 7 days a week
    • Monitoring for HVAC and mission-critical power systems
    • Encrypted Data at REST using Encrypted AWS EBS Volumes
       
  • What Security Standards do You Use?
    Inflectra is Annually Audited against the following standards:
    • 21 CFR Part 11
    • Eudralex Volume 4, Part I & II
    • ISO 9001:2015
    • ISO 27001:2013
    • FDA Guidance on Data Integrity
    • National Institute of Standards and Technology (NIST)
    • General Data Protection Regulation
    • Health Insurance Portability and Accountability Act 1996
     
  • Do you have a GDPR Data Processing Agreement (DPA) for European Customers?
    Yes, we have a standard data processing agreement in place as part of our Inflectra Cloud Platform Terms of Service (ToS). This DPA describes how we process customer data, what the purposes are, how security and privacy are engineered by design, and your right and responsibilities.

    Please check out our Inflectra Cloud Services and The EU General Data Protection Regulation (GDPR) Whitepaper for more details.