A common concern for buyers of cloud services is data security and privacy of data.
The following information relates to our security practises and is provided as deliberately high-level and generic as this webpage is in the public domain. Further technical details can be provided to qualified buyers upon request.
PoolCar exclusively uses Rackspace data centers and servers. Rackspace is the world's number one managed cloud provider. Our servers are located in Australia, UK and the United States.
For thorough and detailed information relating to how Rackspace handle security, please refer to this page in particular. It providers a general overview with links to drill down for more information.
Customers who choose PoolCar will be hosted on the most appropriate server, geographically speaking. Data sovereignty refers to how data travels across countries and different legislation. Data belonging to customers who are hosted on a cloud server of a given country will remain in that country and not be transmitted offshore.
PoolCar database backups are stored as encrypted files and retained for a specified period of time. In addition to database backups we also backup the entire server image.
Data can be optionally encrypted in transit with our complimentary shared SSL certificate and also encrypted at rest using industry standard encryption technologies.
As PoolCar is an Australian domiciled company, the Australian Privacy legislation applies.
Each customer has its own separate database running off the one application version, commonly referred to as multi-tenant. This means your data is not stored in a big bucket with everyone else's data - it is fenced and partitioned off inside its own separate database.
Our standard Service Level Agreement (SLA) has a clause that clearly states the customer owns their data. PoolCar does not own the data and in the unlikely event a customer should wish to change providers, PoolCar can provide a quote to extract the data into Microsoft Excel so that it can be imported into another system.
Penetration Testing and Vulnerability Scanning
PoolCar takes security seriously with a posture that reflects being a good house-father of customer data. We use industry leading tools such as Tenable products and Kali Linux for automated vulnerability scanning and penetration tests. Scan results are available to qualified buyers upon requests.
If you are currently evaluating different vendors for fleet management software or vehicle booking systems, don't be afraid to ask them about their security practises and see how theirs compares!