Your schedule is safe with us. x.ai takes customer trust and data security seriously, and we’re proud to share the processes we have in place to protect your organization.
An independent auditor has evaluated our product, infrastructure, and policies, and certifies that x.ai exceeds the stringent requirements expected of a cloud service. In addition, x.ai undergoes regular penetration testing. To request further information about our security protocols and audits, contact us.
x.ai is committed to helping our users understand their rights and our obligations under the General Data Protection Regulation (GDPR). We have introduced tools and processes to ensure our compliance with requirements imposed by the GDPR and to help our customers comply as well.
To learn more about our compliance with GDPR’s Privacy Shield Framework, please see our privacy policy.
x.ai regularly undergoes penetration tests to identify potential vulnerabilities and ensure that our system employs the latest threat protection technologies.
We employ bank-level security to encrypt your data with AES-256 SSL encryption both while in transit and upon storage in our secure cloud.
We rely on the security protocols supported by your email providers to keep you safe by validating all incoming emails using DKIM and SPF verification. This enables us to know if a message is coming from an authenticated server. Users logging into our application are protected by HTTPS secure communication sessions using SSL.
The entire x.ai infrastructure is hosted on our infrastructure partner, Amazon Web Services (AWS). AWS utilizes state of the art electronic surveillance and multi-factor access control systems. The data centers are staffed 24×7 by trained security guards. The infrastructure resides in a VPC, thus limiting access.
OAuth is used to provide an additional and separate layer of access control.
x.ai provides admins with a detailed trail of account activity. System and user access to the x.ai infrastructure are logged and stored.
All x.ai employees, contractors, and agents with access to your information are required to authenticate themselves using username, password, and multi-factor authentication (MFA). Our data collection, storage, and processing operations are guarded both physically and virtually from the outside world. Employees are rigorously vetted and access to the infrastructure and data stores are authorized based on the principle of least privilege. Individual users’ access controls are managed through a role-based, security group management system.