Exium's platform seamlessly integrates Secure Access Service Edge (SASE) and Extended Detection and Response (XDR) functionalities, delivering comprehensive security and networking solutions from a single cloud-based platform. Ensuring compliance with privacy regulations like the General Data Protection Regulation (GDPR) is crucial, and Exium is committed to meeting these requirements to protect the data of end users specified by its customers.
Exium’s platform handles two primary types of data: Configuration Data and Log Data.
Stored in a primary Apache Cassandra database, Configuration Data includes sensitive information such as customers' email addresses, workspace details, policy configurations, and audit logs. This data is vital for configuring and managing services and is treated with utmost sensitivity. To comply with GDPR, the following measures are in place:
Data Encryption | Access Control | Data Residency and Lifecycle Management |
---|---|---|
All Configuration Data is encrypted both in transit and at rest, ensuring robust protection against unauthorized access. | Strict access controls confine Configuration Data access to specific users within a customer's workspace. Customers can invite specified users to access and manage this data. | Configuration Data is stored with a limited lifetime to minimize risk. It can be deleted upon customer request or when a workspace is no longer in use. |
Log Data is essential for system monitoring, capturing snapshots of Configuration Data during service delivery. This data helps operators track and resolve issues without compromising customer privacy. Log Data management involves:
Encrypted Storage | Vendor Collaboration | Automatic Data Purging |
---|---|---|
Similar to Configuration Data, Log Data is encrypted in transit and at rest. | In some cases, Log Data might be stored with trusted vendors like Google Cloud, always under strict GDPR compliance. | Log Data is stored for a limited time and automatically removed, aligning with data minimization principles of GDPR. |
Exium's Cybermesh is globally distributed, enhancing the platform's reach and reliability. However, for customers in the European Union (EU) region, stringent data residency policies are enforced to comply with GDPR:
Regional Data Storage | Localized Compliance | Reliable Accessibility |
---|---|---|
Data from customers in the EU is strictly stored within the EU, confined to Cybermesh nodes strategically located in cities such as Frankfurt and Paris. This ensures that customer data does not leave the EU region, aligning with GDPR data residency requirements. | By leveraging these regional nodes, Exium ensures that data processing and storage comply with local regulations, minimizing transfer-related risks and enhancing data protection. | This strategic distribution also allows for improved service availability and performance, as data is processed and stored closer to the end users. |
Exium collects necessary personal data through secure channels such as an admin console, email, phone, or integration with systems like Active Directory. This data collection adheres to GDPR's data protection principles:
Purpose Limitation | User Consent and Control |
---|---|
Personal data is strictly used for delivering networking and security services. No unauthorized sharing with third parties occurs. | Customers must agree to Exium’s End User License Agreement (EULA) before using the platform, ensuring informed consent. |
Exium’s platform is designed with privacy and security at its core, ensuring compliance with GDPR:
Encryption Practices | Separation of Data | Administrative Controls |
---|---|---|
All data, whether in transit or stored, is encrypted to fortify security. | Workspaces are created to segregate customer data, preventing unwanted access or data blending. Upon service termination, all related data is automatically purged. | The admin console provides tools for managing and modifying personal data when necessary, while upholding data protection laws. |
Exium's unified SASE and XDR platform not only provides an integrated approach to security and networking but also ensures compliance with GDPR data residency and protection requirements. By prioritizing encryption, access controls, and robust data management practices, Exium empowers its customers to confidently navigate the complexities of data privacy while delivering efficient, reliable services. With its region-specific data residency policies, Exium further enhances its commitment to protecting customer data while optimizing service performance and accessibility.