Security, Service, and Privacy

Trellis application and database servers, as well as backup storage, are provided by Amazon Web Services (AWS), a Certified Cloud Service under the Information Security Registered Assessors Program. All cloud infrastructure is located in the ap-southeast-2 (Sydney) AWS zone.

Database storage is encrypted using industry standard AES-256 encryption. Connections to the Trellis application are encrypted and authenticated using a strong protocol (TLS 1.2), a strong key exchange (ECDHE_RSA with P-256), and a strong cipher (AES_128_GCM).

Our recovery point objective (RPO), the maximum length of time for which data may be lost in the event of a serious incident, is 12 hours, with full system backups taken twice daily. In the event of a major incident which causes the primary servers to be unusable, our recovery time objective (RTO) is 24 hours.

Trellis software is utilised under license to a customer. All customer information and data is kept strictly confidential and remains the property of the customer. Full CSV exports of all data can be produced at regular intervals and provided for download via secure FTP for the client's own backup purposes.

Trellis Technologies will provide 24 hour notice of any planned maintenance which will result in Trellis being unavailable for longer than 1 hour during business hours. We will attempt to maintain an uptime (exclusive of scheduled maintenance) of 99.9% or greater.

In the event that a security incident is detected, Trellis Technologies will notify customers within 48 hours.

Help desk support is available between 9:00 am to 5:00 pm ACST on business days. Find out how to lodge a support request here.