Fracture Reality is committed to information security.  We place the highest value on our trusted partnerships and have designed JoinXR with that at its core. We are dedicated to safeguarding our customer’s data with the utmost integrity.

ISO 27001:2022 Certification

Since the beginning, Fracture Reality has been implementing industry-leading practices to protect the trust our customers place with us.  JoinXR’s implementation of the ISO 27001 international security standard gives peace of mind to our partners and users. It distinguishes JoinXR as an XR solution with best-in-class security, resilience and legislative compliance.  Our platform is industry-grade and enterprise-ready.


Data Protection

We are committed to upholding the highest standards of data privacy, in full compliance with regulations such as the General Data Protection Regulation (GDPR). We understand the importance of safeguarding our users’ personal information, which is why we adhere strictly to the principle of data minimization. Our systems are designed to: collect and process the absolute minimum data that is necessary for providing our services; to strictly segregate that data by purpose; and to tightly control all access to it.



We’ve chosen Azure as our hosting platform for its secure infrastructure standards, ensuring industrial-grade protection for our application. Leveraging Azure’s robust security measures, we maintain the highest standards of data protection and compliance. This enables us to uphold resilience against emerging threats while adhering to industry-leading security practices.


Backups & Disaster Recovery

JoinXR maintains resilient disaster recovery procedures, including redundant systems, failover mechanisms, and regular undeletable backups. In the event of a disruption, our strategies minimize downtime and ensure seamless continuity of service, guaranteeing the security and availability of your data.


Monitoring and Auditing

We maintain continuous monitoring of our systems and networks to detect and mitigate potential security threats in real-time. Additionally, we conduct regular audits and assessments, including annual penetration tests and compliance checks, to ensure that our security measures remain effective and aligned with industry standards such as OWASP Top 10.


Access Control

Our Access Control mechanisms are designed to ensure that only authorized personnel have access to sensitive areas such as admin panels, databases, and other critical systems. Following the principle of least privilege, we limit access strictly to those who require it for their roles, minimizing the risk of unauthorized access and potential breaches.


Secure Development

We adhere to robust secure development practices aimed at fortifying our software against vulnerabilities and aligning with industry standards. This involves implementing secure coding techniques, conducting routine code reviews and automating testing of both code and dependency vulnerabilities.

Does your information security team require more details?

Get in touch and we’d be happy to fill out your enterprise security questionnaire.