Your information is safe with Speeki
The world's most reliable enterprise ESG & compliance platform
Speeki is a safe ESG & compliance system that puts your data security, integrity, and availability above everything else. To ensure you never have to worry, we use a multi-layered approach to protect all your information.
Speeki's cloud infrastructure consists of physical and virtual servers, network firewalls, virtual private clouds, and private network routing, all hosted in Amazon Web Services (AWS) data centres. A limited number of personnel are authorised to manage hosting resources and firewall rules, and they access them via multi-factor authentication. Each access to the production environment is logged. The hosting infrastructure complies with SSAE/AICPA SOC 2 and PCI DSS security standards, ISO 27001, ISO 27017 and ISO 27018. The details can be found here.
Physical access to the AWS data centres is strictly controlled at the perimeter and at building ingress points by professional security staff utilising video surveillance, intrusion detection systems and other electronic means. Authorised staff must pass two-factor authentication a minimum of two times to access data centre floors.
Services & APIs Security
Speeki has built a robust set of internal utilities or services that will help users be more productive and safer. Our services include multi-factor authentication, password reset, stored sessions, and translation, chat, and artificial intelligence services, as well as backend internal APIs and external APIs.
Google Translate™, IBM Watson® and Twilio are hosted on multi-layer secure clouds. Please find Google Cloud security information here, IBM Cloud security information here, and Twilio Cloud security information here.
Speeki follows industry web application best practices (OWASP) to assist in prioritising risks and in identifying, mitigating, and fixing vulnerabilities in the application technology and the source code. It protects Speeki applications against inadequate security logging and monitoring, unauthorised access, and theft, as well as the hijacking, exposure, or stealing of client data.
Encryption and Data Protections
Speeki encrypts your data both in transit and at rest.
Any data transmitted between a user's device and the client product site is encrypted and transmitted via HTTPS with an SSL certificate.
Data that is not actively being transferred (called "at-rest") is encrypted through the Amazon Key Management Service using AES-256, one of the strongest block ciphers available. By encrypting at-rest databases, we're essentially converting your sensitive data into another form. This is usually done via an algorithm, and the result cannot be understood by a user without an encryption key. Your data will only be accessed by authorised personnel who have the encryption key, so it is secure.
ISO 27001 & GDPR Compliant
Speeki's management and operations are regularly audited under ISO 27001:2013 certification. The audit will examine how Speeki manages and accesses client data securely, as well as the way Speeki built the application to protect client information appropriately. In addition, Speeki designs and manages client data in compliance with GDPR and partners with clients annually to conduct privacy questionnaires to ensure compliance with GDPR.
With Speeki, you can be assured that your data is safe.
Vulnerability & Penetration testing
Speeki scans for code vulnerabilities and/or employs third-party penetration testing and vulnerability scanning prior to the release of the latest versions.
We encrypt our daily backups of files and databases, and we retain them for a period of 14 days. Backups are stored on Amazon Web Services' S3 service. In other words, they are not kept on the actual server.
We test and update our disaster recovery plan at least once per year. Every month, Speeki restores backed-up data to verify that the data can be used and to verify that the backup is working as expected.
- Strong user authentication via SSO and MFA
- Complex password controls
- Deep-link for password reset
- AES 256-bit encryption
- HTTPS SSL encryption
- Antivirus scanning upon file uploads
- AWS, Docker images regularly scanned
- Use non-persistent encrypted tokens to call internal/external APIs
- Sent email logs
- Case information modifications