Security Practices

Last Updated: 12 September 2019

 
Security 

Aspose uses Amazon EC2 cloud servers. Using an industry standard like Amazon helps guarantee the security and resilience of our services. Amazon has attained a number of certifications that affirm that they have stringent, working internal controls.

Physical Security

Amazon safeguards the physical security of their servers. Servers are located in non-descript facilities, and critical facilities have extensive setback and military grade perimeter control. Access to data centers requires two-factor authentication at three points.

Data Security

Host operating systems are kept secure by internal processes and procedures. Guest operating systems are entirely controlled by Aspose. Amazon administrators do not have access to them. By default, inbound firewall rules deny all traffic to host servers.

Backups

Amazon systems are built with extensive redundancy in mind. Aspose backs up data on a daily basis. All access is logged and tracked for auditing purposes.

Maintaining Privacy

Account passwords are encrypted and filtered out from all application and system logs. Passwords are not visible to anyone.

Sign out of your Aspose account to prevent someone from using your computer to access your account without your authorization. Keep your user name and password secure and do not disclose it to any third-party. In case a third-party gains unauthorized access to your account due to any act or omission on your part, you are solely responsible for any loss caused.

Credit Card Safety

Aspose does not retain any credit card information provided by you. When we charge your credit card, such information is transferred directly to, and processed by, our payment gateway.

To protect user information, Aspose's payment gateway uses the latest 256-bit Secure Socket Layer (SSL) technology for secure transactions. The payment gateway is certified as compliant with card association security initiatives including Payment Card Industry (PCI) and Cardholder Information Security Program (CISP) standards for data protection.

File Retention Policy

Aspose products run on customer's own machines, infrastructure and network and do not send any files back to Aspose for processing and therefore does not have access to them. From time to time a customer may send documents to the Aspose support team via the forums for the purpose of diagnosis of technical issues or feature requests. These files are maintained only as long as necessary to complete the required task and the customer can ask for these files to be removed at any time. If the customer marks the thread as private none of these files are accessible to any person other than the customer and select Aspose staff.

Reporting License and Software Theft

If you think an Aspose license is being used in a way it shouldn't be, or you suspect an Aspose product has been modified and being made available for free, please tell us about it. More ...

System Status

System uptime and availability is a major priority for us, check system uptime and subscribe to status notifications from our System Status page. System Status

More questions about Security?

You can read more in our EULA and Privacy Policy. If you have a question, concern, or comment about Aspose's security that's not covered here? This email address is being protected from spambots. You need JavaScript enabled to view it. or Ask on the support forums.