We take customer data protection extremely seriously and follow best industry practices to keep your account up and running.
Read on to learn about some of the security practices we implement.
SSL Secure Connection
You can access your workspace using a secure HTTPS link such as
https://example.spp.io. We also issue a trusted SSL certificate for each custom domain at no additional charge.
We outsource infrastructure hosting to Amazon Web Services (AWS) as it provides high levels of physical and network security, as well as scalability, backups, and redundancy.
Monitoring And Redundancy
We keep a close eye on error logs and performance so if any issues arise we are able to address them immediately. Every major component in our infrastructure has multiple levels of redundancy and automatic failovers. You can see our historic uptime record at https://status.spp.co.
Isolated Customer Databases
When you sign up for SPP you get your own dedicated database which minimizes chances of accidental data leaks between accounts.
Customer databases are encrypted at rest and in transit. We also encrypt your sensitive data like API keys, and follow strict procedures for accessing production systems. Account passwords are never stored in plaintext and are not readable by staff.
Secure Development Practices
We rely on proven frameworks to implement protection against a wide variety of attacks including SQLi, XSS, SSRF, and CSRF. Our systems receive frequent software updates and security patches.
We work with an ISO 27001 certified auditing company to run periodic security tests on our application and infrastructure.