Skip to main content
Xoxoday Plum encrypts all platform backups using AES 256-bit encryption, ensuring stored data remains protected and inaccessible to unauthorized parties at all times.
When organizations run rewards and incentive programs at scale, the underlying data — employee records, redemption histories, reward catalogues, and transaction logs — represents a critical business asset. Xoxoday Plum treats this data with the same rigor applied to production systems, extending enterprise-grade protection to every backup it creates.

AES 256-Bit Encryption: The Industry Standard

All backups generated by Xoxoday Plum are encrypted using AES 256-bit encryption (Advanced Encryption Standard with a 256-bit key length). This is the same standard used by financial institutions, government agencies, and major cloud providers worldwide. AES-256 is widely regarded as computationally infeasible to brute-force, providing a robust defense against unauthorized access — even in the event of physical media theft or a storage-layer compromise.

Why Backup Encryption Matters for HR and IT Teams

For organizations using Xoxoday Plum alongside tools like Workday, SAP SuccessFactors, or Darwinbox, employee data flows across multiple integrated systems. Backups capturing this data must meet the same standards as live data stores. Unencrypted backups are a common gap flagged in security audits, particularly for organizations working toward SOC 2 Type II or ISO 27001 certification. Xoxoday Plum’s encrypted backups help close this gap, ensuring backup data remains protected throughout its full lifecycle.

How This Supports Compliance Requirements

Data protection regulations such as GDPR, and frameworks like SOC 2 Type II and ISO 27001, require that personal data be protected not just in transit and at rest, but also within backup archives. Xoxoday Plum’s AES 256-bit backup encryption directly supports these requirements. IT and security teams auditing Xoxoday Plum’s data handling practices will find that encryption is applied uniformly across all backup types — there are no exceptions based on schedule, backup tier, or storage destination.

What This Means in Practice

When a backup runs — whether scheduled daily, triggered incrementally, or initiated by a system event — the resulting file is encrypted before storage. This means that even if a backup file were accessed outside its intended environment, its contents would remain unreadable without the corresponding decryption key. For enterprises managing large reward programs with thousands of participants across regions, this directly reduces risk exposure and strengthens data governance posture. Organizations that connect Xoxoday Plum to collaboration tools like Slack or Microsoft Teams for reward notifications can be confident that any user data captured during those interactions is equally protected within the backup layer. Backup encryption is not an optional add-on in Xoxoday Plum — it is a built-in, non-negotiable part of the platform’s data security architecture. Learn more: Xoxoday Plum Help Centre — General

How does Xoxoday Plum handle data encryption at rest?

Learn how Xoxoday Plum protects stored data using AES 256-bit encryption across databases, file storage, and backup systems.

Is Xoxoday Plum SOC 2 Type II certified?

Understand Xoxoday Plum’s compliance certifications, including SOC 2 Type II and ISO 27001, and what they mean for your organization.