Packcity - Indoor

  • FAQ

    Physical data center access is only restricted to authorized employees. All employees who need data center access must first apply for access and provide a valid business justification. These requests are granted based on the principle of least privilege, where requests must specify to which layer of the data center the individual needs access, and are time-bound. Requests are reviewed and approved by authorized personnel, and access is revoked after the requested time expires. Once granted admittance, individuals are restricted to areas specified in their permissions.

    All equipment is checked upon arrival. Visitors are screened upon entry to verify their identity, and in shared situations, are escorted to their appropriate locations.
    We also restrict personnel access to all hypervisor management functions or administrative consoles on the principle of the least privilege.

    Customers’ data are stored in in a multi-tenant database databases and are not encrypted.
    Access policy for the customer is set on application level.

    The application server and database are backed up nightly to an external site. Backups are not
    encrypted.
    RTO (Recovery Time Objective) = 4 hours.
    RPO (Recovery Point Objective) = 24 hours.

    User can access only with their login and password. All requirements and trust levels for customers’ access have been defined and documented.

    By default, data retention time is 12 rolling months. After this period, data are deleted in the database. All data are deleted at the end of the Customer’s contract.


    More FAQ's...