Last updated: January 01, 2021
Segstream runs in highly secure data centers. Our hosting providers are regularly audited against a wide range of security frameworks including but not limited to; SOC 2, ISO 27001 and PCI.
All data is encrypted whenever possible. All traffic is encrypted in transit with SSL/TLS. All data is encrypted at rest with full key/data segregation. We also continually review our code for OWASP, CVE, and NVD-reported vulnerabilities.
Access is restricted to approved employees based on job function. All access is logged and stored for auditing and anomaly detection. All changes to customer data are tracked via audit logs.
All parts of the Segstream application are built with industry best practice safeguards such as input data validation, password encryption and multi-factor authentication.
All parts of the Segstream application are designed to be resilient. We conduct contingency and disaster recovery plans testing as part of our business life cycle. Encrypted backups are performed on a daily basis.
Segstream’s security program is a hybrid of multiple security frameworks. Our security policies and procedures are reviewed regularly by our executive team.