SessionStack builds on Google Cloud Platform's compliance with leading standards for information security. Administrative access to our servers and data requires login with Google's two-step authentication.
ISO-27001 Certification: https://cloud.google.com/files/GCP_ISO_27001_2017.pdf
SOC3 third-party audit reports: https://cloud.google.com/files/GCP_SOC3_2017.pdf
SessionStack's production data is processed and stored in state of the art data centers which use multilayer access, alerting and auditing measures, including:
- Perimeter fencing
- Vehicle access barriers
- Custom-designed electronic access cards
- Biometric checks
- Laser beam intrusion detection
- Continuous external and internal security camera surveillance
- 24x7 trained security guards
All servers that are running SessionStack are continuously patched Linux systems.
Our web servers use the strongest grade HTTPS security so that requests are protected from eavesdroppers and man-in-the-middle attacks. Our SSL certificates are 2048 bit RSA, signed with SHA 256.
All persistent data is encrypted at rest using the AES-128 standards or similarly high standards, allowing Google Compute Engine to have successfully completed ISO 27001, SSAE-16, SOC 1, SOC 2, and SOC 3 certifications.
Updated about a year ago