Hi everyone,
I hope you are all doing well.
I’m writing to request further details regarding the implemented security measures, available documentation, security certifications obtained(SOC2, ISO27001) and/or reports related for aspose.cloud - API product.
We are currently conducting an analysis to evaluate the adoption of the tool within our work environment, and this information is not easily accessible publicly.
These elements are necessary for our evaluation and to ensure the security of our data.
Thank you in advance for your cooperation, and I look forward to your response.
Please check the security practices we are following. However, kindly note that Aspose is a small, privately owned company and has not pursued certifications like SIG/CSA Star, ISO, SOC, or VAPT.
Thanks for your patience. Please find below the details.
Asset Hardening
All of our infrastructure is protected by a sophisticated firewall with intrusion detection and all but the necessary ports are blocked. All of our systems are updated to the latest security patches regularly, with most being setup for automatic updates.
Incident Management
Our infrastructure team is well trained on how to deal with a wide array of possible incidents.
Access Management
We cannot share details due to internal privacy controls. However, we can say that access to an asset is based strictly on need. Only those who need access to an asset have access to that asset.
Data-in-Transit and Data-at-Rest Security
All Aspose Cloud incoming and outgoing traffic is encrypted. Customer data is not stored within the Aspose Cloud infrastructure unless it is specifically requested by the customer. All files are purged from Aspose Cloud storage after 24 hours.
Network Protections
Our network is protected by a sophisticated firewall with intrusion detection and all but the necessary ports are blocked on a per asset basis.