SpecPage SaaS Cloud Solutions

SaaS Cloud Subscription services are designed to meet the needs of organizations at all stages in their PLM and PDM implementation:

• Release upgrades performed by SpecPage at no additional cost, no matter how much your solution has been customized
• Live hotline and online support from experienced SpecPage support engineers, including unlimited support tickets, developer assistance and escalation management
• Service packs which can be ordered to include enhancements, security updates and hot fixes
• Access to the SaaS Subscriber Portal, which houses online learning and the SpecPage SpecPDM Knowledge base

Our multi-layered approach to security begins with the physical security of your data, and is why we deploy our private cloud in Tier IV Data Centers that enforce the most stringent security policies available of any data center option. Tier IV is exceptionally rigorous, with requirements such as:

• Full redundancy of subsystems
• Compartmentalized security zones with biometric access controls
• Independently dual-powered cooling equipment
• Fault-tolerant electrical power distribution

To meet our commitment to delivering best-in-class services, SpecPage has exclusively deployed our secure private cloud in leading Tier IV Data Centers in Switzerland. Quality, stability, neutrality, confidentiality: Switzerland is capitalising on its strengths and investing in the data-driven economy.

Switzerland has been rankend as one of the safest places in the world to host a data center. These are the findings of the Data Center Risk Index published by the American property management company Cushman & Wakefield. As a Swiss company, SpecPage private cloud solutions are exclusively hosting in highly secured TIER 4 geo-redundant data centers in Switzerland. SpecPage is ISO 27001 certified and is compliant with outsourcing regulations.

CLOUD Act: Why Swiss data protection and Swiss based servers are the safest option

Since the Patriot Act of 2001, US companies have been required to disclose data at the request of the US authorities. With the CLOUD Act of 2018, the US authorities now also seek access to foreign servers. For companies that need to comply with the E.U. GDPR (The General Data Protection Regulation), the new US legislation raises additional compliance issues. The CLOUD Act, which requires US companies to provide access to data even if the local foreign laws prohibit it, creates an international conflict of applicable law.

Special attention in respect of the U.S. Cloud Act must be paid to a due diligence of the organizational setup for global electronic communication/computing services, especially when operating in multiple jurisdictions. Where critical data, including confidential information and personal data of individuals, is stored in the cloud, state-of-the-art security measures must be applied, including encryption of transmission channels and data repositories. Last not least service provider agreements should contain default language about the obligation of the service provider to only provide customers’ data to the law enforcement authorities subject to a valid legal request, i.e. a warrant, which is a court order based on evidence to a judge that reliable information indicates a probable reason for the requested search; and to redirect prosecutors to directly approach the service recipient for the data, rather than going through the cloud provider, if practical and if doing so will not compromise the investigation; and notify the service recipient about the law enforcement authorities request to preserve, backup, or disclose the contents, if doing so will not compromise the investigation (i.e. no gag order has been issued).