Policies
Data security and encryption
Data security in People includes security controls, privacy practices, maintaining confidentiality, and availability of critical systems and information. Data is protected as well as encrypted.
Certifications
Data protection in People follows International Standards Organization (ISO) and System and Organization Controls (SOC) standards.
- ISO 27017 certifies security control for cloud storage.
- ISO 27018 has global privacy standards to safeguard Personally Identifiable Information (PII) in the cloud. Example: Phone numbers and emails that can uniquely identify a profile.
- SOC voluntary compliance standard measuring how organizations should manage customer data based on security, availability, processing integrity, confidentiality, and privacy.
Process flow
How data is protected
Data protection in People includes the following:
- Unauthorized physical access to data storage.
- Data protection during transmission over the network.
- Protection against viruses, malware, and traffic sniffing.
- Data leak protection in case of loss or theft of a physical device.
- Data loss prevention in case of technical outage.
- Protection against hacker attacks.
Data is protected when it is in transit and at rest.
Data in transit: Data is encrypted when it is in transit, in the following situations.
- Data is imported into People from external applications. Example: From a form on a website.
- Data is sent from People to external applications.
- Data is transferred between People and other Infobip products and services. Example: Between People and Answers.
Data at rest: Data in People is protected against physical and digital attacks on Infobip's and our partners' data centers.