SnapComms Security Overview

OVERVIEW

The architecture of the SnapComms solution has been designed to ensure compliance with strict security requirements, whilst the SnapComms SaaS platform is designed and managed to minimize the risk of security vulnerabilities and threats. SnapComms uses Microsoft Azure as its IaaS and PaaS provider and adopts a proactive approach to ensure the security of the SnapComms SaaS platform. Microsoft Azure is compliant with the most important and popular security regulations including GDPR, ISO27001, and ISO27018. More details about compliance of Microsoft Azure are available on its compliance website


ENCRYPTION

All connections between the SnapComms endpoint apps and SnapComms cloud server are established through secure protocol HTTPS/TLS. This ensures that all data in transit is secured according to industry standards. Data at rest stored in the database is encrypted using Microsoft Azure's transparent data encryption (TDE) mechanisms. 

 

APPLICATION SECURITY

SnapComms manages the security of the application closely by following the software vulnerabilities published by OWASP (www.owasp.org). SnapComms proactively ensures these stated vulnerabilities are sufficiently mitigated by adherence to strict development practices and regular vulnerability assessments. 


REGULAR VULNERABILITY SCANS AND PENETRATION TESTS

SnapComms conducts weekly application vulnerability scans and daily network vulnerability scans by using third-party services. In addition to the vulnerability scans, SnapComms also conducts regular third-party penetration tests. The findings are treated in accordance with SnapComms Risk Management, Change Management and Patch Management processes regulated within the ISO-certified ISMS.
 

INDUSTRY BEST PRACTICES AND SECURITY AWARENESS

SnapComms ensures its developers, technical support staff and network management teams are well versed with current industry best practice in terms of development and management of the SnapComms solution. This includes awareness and understanding of the latest software and internet-based security vulnerabilities, which are reviewed and assessed on a regular basis.


SECURITY GOVERNANCE

An ISO-certified Information Security Management System (ISMS) is established where a Data Protection Officer and an Information Security Committee are appointed to oversee and implement security protocols. SnapComms also conducts regular internal and external security audits.
 

STANDARDS AND COMPLIANCE

SnapComms is constantly improving its security architecture by accommodating compliance requirements originating from different markets and regulation bodies. See the current snapshot of the SnapComms compliance, certifications and policies here

 

 
Was this article helpful?
0 out of 0 found this helpful

Comments

0 comments

Article is closed for comments.