<img src="https://certify.alexametrics.com/atrk.gif?account=u5wNo1IWhe1070" style="display:none" height="1" width="1" alt="">
Blog
Request a Demo
Menu
Blog
Request a Demo

Expede Services Specification

Download a Copy

 EXPEDE SERVICES SPECIFICATION


SERVICES TERMS:
This Services Specification should be referenced in conjunction with EXLS-C6000-002 Expede Licence & Services Terms & Conditions.


SERVICES SUMMARY:

This Service Specification details the standard Services provided to Host the Platform for Customers. The Services are inclusive of all Hosting and support required to provide Customers with access to the Platform in accordance with the standard Agreement.

1. DEFINITIONS AND INTERPRETATION
1.1 In addition to the definitions defined within EXLS-C6000-002 Expede Licence & Services Terms & Conditions the following definitions apply to this Specification:

“Accessible Content” is defined with EXTS-7002-004 Platform Specification;

“Archive Content” is defined with EXTS-7002-004 Platform Specification;

“Azure” refers to the Microsoft Cloud hosting services know as Azure;

“Complex File Conversion” is defined with EXTS-7002-004 Platform Specification; and

“Hosting” means the Cloud hosting of the Platform as a Service to Customer through Microsoft Azure and is inclusive but not limited to: connection of User through Customer Microsoft Active Directory account, dedicated database, dedicated storage, data encryption, security, backup and restoration services at the Hosting location.


2. PLATFORM HOSTING
The Platform hosting is provided to Customer as a Service and is provided through Microsoft Azure Cloud. https://azure.microsoft.com/en-au/overview/what-is-azure/

3.0 HOSTING LOCATIONS
The Platform is hosted through Microsoft Azure at the following Microsoft Data Centres.



Geographical Region Azure Datacentre 1 Azure Datacentre 2
Australia Australia Central Australia SouthEast
Singapore Singapore
United Kingdom UK South UK West
United States of America Central US West US 2

During the Platform configuration, Customer must select the required hosting location from the above geographical location.


4.0 DATA SOVEREIGNTY
At Platform set-up the Customer selects the geographical datacentre which meets the Customer’s data sovereignty requirements from the list below. Under this standard Services Specification only a single location can be selected.
For Customers that have data across multiple global locations and require regional data sovereignty, Expede can provide under additional service agreements a single version of the Platform that can access Customer dedicated databases across different global datacentres. This allows Customers to operate a single solution whilst complying with their regional data sovereignty obligations.

The Platform is available in the following geographical locations:
1. Australia
2. Singapore
3. United Kingdom
4. United States of America

5.0 BACKUP AND RESTORATION
Under this Specification Customer is provided with a dedicated database and data storage. The underlying database is hosted in Microsoft Azure Cloud which is guaranteed 99.99% availability. Customer database backups are encrypted and retained for 35 days. The database can be restored to any point in time for which a backup exists. Restoration time will depend on the size of the Customer database.
Microsoft has verified Provider Service Level Agreement (SLA) and availability as part of the certification process undertaken by the Provider.

https://azuremarketplace.microsoft.com/en-us/marketplace/apps/aad.expedeplatform?tab=Overview

6.0 DATA AT REST
For Data At Rest, the Platform utilises Microsoft Azure TDE encryption and stores Customer data in a dedicated database for each Customer with full Data At Rest encryption.
https://docs.microsoft.com/en-us/sql/relational-databases/security/encryption/transparent-data-encryption?view=sql-server-2017

7.0 DATA IN TRANSIT
For data in transit, the Platform is secured by 256 bit SSL Encryption.

8.0 DATACENTRE ISO27001
The Platform is hosted in the Microsoft Azure Cloud, the data centres exceed all current ISO standards for physical infrastructure and security. More information is available from https://azure.microsoft.com/en-gb/overview/trusted-cloud/

9.0 GENERAL DATA PROTECTION REGULATION (GDPR) EUROPE
The Platform has been developed within the United Kingdom and is GDPR compliant, both from the User information retained within the Platform and to support Customers in meeting their GDPR and other data privacy legislative obligations.
https://ec.europa.eu/commission/priorities/justice-and-fundamental-rights/data-protection/2018-reform-eu-data-protection-rules_en

10.0 INDEPENDENT VULNERABILITY TESTING
An independent 700 point penetration test including OWASP top ten threats is regularly undertaken as part of the Services.

11.0 CONTINUOUS MONITORING
The Platform has extensive logging in place to detect attempted hacking or access to unauthorised data both by external sources and Users. Similarly, the hosting environment is continuously being monitored with alters configured when threshold metrics are exceeded.

12.0 SERVICE LEVEL AGREEMENT
The Services are provided with a 99.9% uptime commitment which has been assessed by Microsoft as part of its certification process. For details of this provision please refer to the Service Level Agreement EXSL-7007-004.

13.0 USER ACCESS
The total number of Users that have access to the Platform under the Services is defined within the Order Form.

14.0 ACCESSIBLE CONTENT STORAGE
The total storage provided under the Services is defined within the Order Form.

15.0 ARCHIVE CONTENT STORAGE
The total storage provided under the Services is defined within the Order Form.

16.0 COMPLEX FILE PAGE CONVERSION
The total number pages of Complex File Conversion under the Services are defined within the Order Form.