Security and Hosting

Data Security Commitment

At xpath.global, safeguarding your data stands at the forefront of our service philosophy. We meticulously adhere to the rigorous standards of the European General Data Protection Regulation (EU GDPR) and have integrated robust practices aligned with ISO/IEC 27001 to guarantee the utmost protection of your information.

Our security blueprint encompasses extensive measures, and we’re open to discussing additional safeguards upon request.

Hosting

Our platform resides on the secure servers of Amazon Web Services (AWS) within European data centers, ensuring state-of-the-art security, including:

✅ Continuous backups, logging, and auditing services.
✅ Comprehensive physical and environmental controls.
✅ Round-the-clock onsite security to thwart unauthorized access.

AWS’s compliance with standards like —ISO 27001, ISO 27017, ISO 27018, SOC 2, and SOC 3—attests to our unwavering security commitment.

Password Protection & Single Sign-On (SSO)

We treat password integrity with the utmost seriousness:

✅ Passwords are encrypted (hashed with salts), never stored in plain text.
✅ In the event of password loss, users must reset their passwords—we cannot retrieve them.

For enterprises leveraging services like Google, Okta, or Active Directory, our SSO integration allows access without storing passwords on our servers. Authentication occurs through your trusted SSO provider, granting us a secure token for user identification—revocable at your discretion.

Advanced Encryption Practices

✅ All user-server communications are encrypted via TLS, a benchmark for secure data transmission.
✅ We implement encryption-at-rest with the AES-256 algorithm, ensuring your data remains encrypted within our database environment.

Proactive Security Verification

Our security policy encompasses:

✅ Regular automated penetration testing and vulnerability scans, reinforcing compliance with ISO 27001 and the OWASP Top Ten.
✅ An in-app Web Application Firewall (WAF) that uses contextual data for precise traffic inspection.
✅ Runtime Application Self-Protection (RASP) within the app’s environment to immediately identify and counteract active threats.

We’re dedicated to evolving our security mechanisms to provide you with a reliable and secure cloud experience.

E-Book A Guide for Employment Abroad and Relocation to EMEA

Grab a copy of a guide to international employee relocation

View E-book

Internal Process Management

Tax Services

Assignment Costs Management

Data Analytics & Reports

Data Management System

Digitalize Employee Relocation

Expanding The Global Mobility Supply Chain

Global Mobility Case Management System

Document Management and Sharing

Supplier Management System

Tax Calendar

Corporate Immigration Services

Full Assignment Management

Temporary Housing Services

Corporate Relocation Services

Tax Support and Social Security Compliance Services

Consolidated Visa & Immigration Management

Departure Services

Employee Relocation Advisory Services

Immigration Policy & Compliance