Data & Security Controls
  • 29 Jan 2024
  • 1 Minute to read
  • Contributors
  • Dark
    Light
  • PDF

Data & Security Controls

  • Dark
    Light
  • PDF

Article summary

image.png

Mail Fulfillment Production Facility

  • Annual SSAE SOC 2 Type II Audits and annual HIPPA certification
  • Secure FTP transfer of press ready PDF files only. NO DATA is passed.

Application Security

  • AWS Hosted: SOC 1, 2 & 3
  • Regular penetration testing & semi-annual Salesforce security review
  • Annual HIPAA Security Review & Certification via POSTURED.io
  • TLS 1.2 encryption between Send360 & Salesforce API
  • HTTPS & SSL used for any data displayed in browser
  • Encryption at Rest: Live SQL database hosted on encrypted AWS drives.
  • Daily backups stored on AWS SSE drives using AES-256 Encryption.
  • Data is not stored or transported “off-site”.

Staff Access Controls

  • Governed by standard Windows OS ACLs
  • Controlled via AWS Security Group & VPN Security Policies
  • All employee access terminated on day of termination.

What's Next