xMatters has released an official statement and workshops to help customers navigate through COVID-19

Data Encryption

  • Data in Transit: xMatters’ cryptography controls use Hyper-Text Transfer Protocol Secure (HTTPS) over Transport Layer Security (TLS) version 1.2 using 2048 bit key length, and Internet Protocol Secure (IPSec).
  • Data at Rest: xMatters uses Data at Rest Encryption using GCP Key Management Service (KMS). All data is encrypted using 256-bit Advanced Encryption Standard (AES-256), with each encryption key is itself encrypted with a regularly rotated set of master keys. xMatters is the only entity that possess the keys for the Data at Rest Cryptographic Controls within GCP and therefore Google does not have access to the data. Each client database protected using schema separation.

Client Data Protection

Data as an asset (Classification and Handling)

At xMatters, data is treated as a valuable asset. Information assets of the organization will be classified based on their relative business value, legal requirements and impact due to loss of confidentiality, availability and integrity of the information asset. The level of security will be identified based on the information classification performed.

Customer data is classified at the highest level.