Cloud Security Statement
Expium LLC offers hosted product / services (“SaaS”), as described on its website. This cloud security statement applies only to these hosted services; other Expium offerings may involve customer hosted systems, or products and services not involving hosting, to which this cloud security statement does not apply.
Customer Data Separation
Each customer’s data is stored in a separate database schema, isolated from all other customer data. Every web or API request is authenticated and authorized for a specific customer before customer data can flow.
Hosting Location / Jurisdiction
Expium SaaS products are hosted via Amazon AWS, generally in its Virginia USA or Oregon USA cloud hosting facilities.
Integration with Other Services
Expium SaaS products typically integrate with another vendor’s offerings; for example, Atlassian JIRA add-on products use the Atlassian JIRA API to access customer data stored there; this data is treated the same way as any data directly entered by customer users into Expium SaaS products.
Operations and Support
Only authorized Expium team members have access to application data.
Expium systems are backed up regularly with backups stored off-site, using Amazon AWS services. Expium SaaS products which act as add-ons treat the relevant product (for example, Atlassian JIRA) as the system of record to the extent technically allowed, thereby relying primarily on the integrity and security of such upstream systems.