July 29, 2021

How we protect your data at Avisi Apps in 3 important ways

Gert-Jan van de Streek

Team lead / developer

Share this article

Most of the apps we build store data outside the host products we build for. Whether it is Atlassian Jira / Confluence or monday.com, the data lives on the app side of things. That means that you trust us with a great responsibility. And we take this very serious. Therefore, it is good to share 3 key aspects in data protection that we implemented:

  • Data residency: location, location, location
    For many of our customers the location of the data is important for regulatory reasons like privacy laws. The infrastructure that we deploy makes sure that for all of our apps, the following applies:
  • Data is stored in the region that you are hosted from
  • Data inside our deployment never leaves that region, not even in transit*.
  • Your data is encrypted at rest
    Encryption at rest ensures a minimal attack surface on the data that we store. If in any case storage hardware would be compromised because someone somehow gains physical access to it, the data would effectively be unreadable. The use of centrally managed encryption keys also allows us to audit data access, as it enforces a single place of access to the data.
  • We run daily backups of your data
    Every 24 hours we run a full backup of our app databases. This backup is stored close to the original data allowing quick recovery when needed.
    Additionally we sync the backup to another location that is not in any way dependent on our primary hosting location. This allows for disaster recovery in case the primary data center might loose our complete hosting stack.
    Both backups are configured with strict life cycle rules to comply with control frameworks like the General Data Protection Regulations (GDPR) and SOC 2 requirements. In simpler words: Data will only be stored for a limited time to provide for the backup requirements and it will be removed in time to comply with the law.

The Avisi Apps team loves to automate the hack out of things. All our infrastructure is scripted with Terraform and therefore just code, we are truly serverless keeping the maintenance load low and all of our deployment are 100% automated. This approach minimizes the We cannot imagine any other way to do this and this goes especially for our backup solution.

If you want to zoom in even more on the requirements and the way we designed it, we recommend a blog post Backblaze did a while ago. They interviewed our very own Gert-Jan van de Streek and during the interview we share a bit of Avisi’s background and gradually dive into the nitty gritty details. Enjoy!

We take security and privacy seriously and we work tirelessly to protect your data. Our ISO-27001 certification and our SOC-2 compliance are additional proof of our ongoing effort. If you have any additional questions our thought, please contact via our support channel.

[*] Note: inside the deployment means behind our front door. If you use the service from another region (say you are travelling) or your network path to our service is not guaranteed to be regional, you yourself are responsible for the integrity of the in transit data.

Share this article