Dropsuite Global Data Centers
Dropsuite Security
Data Encryption in Transit and at Rest
Dropsuite enhances data security for our customers’ data by enabling Transport Layer Security (TLS 1.2) cipher for data in transit. All ingress or egress data to and from Dropsuite’s cloud service will be encrypted using TLS 1.2 to prevent third party snooping. Data at rest in Dropsuite’s storage is encrypted with Advanced Encryption Standard 256bit (AES256) cipher that ensures data is safe and secure.
Vulnerability Testing
Dropsuite engages independent/external entities to conduct regular application-level and infrastructure-level vulnerability tests. We also continue to scan and test the Dropsuite application internally, and on a regular basis, preforming regular security patches or upgrades. Results of the external vulnerability testing and remediation are shared by the entire team including management and the board of directors.
Reliable and Secure Facility Management
Dropsuite uses AWS data centers, trusted by the most highly-regulated organizations in the world. Security at AWS starts with core infrastructure. Custom-built for the cloud and designed to meet the most stringent security requirements in the world, the infrastructure is monitored 24/7 to help ensure the confidentiality, integrity, and availability of your data. All data flowing across the AWS global network that interconnects their datacenters and Regions is automatically encrypted at the physical layer before it leaves their secured facilities.
Dropsuite Compliance
Data Security Standards
Our IT infrastructure is designed and managed in alignment with security best practices and a variety of IT security standards, including:
- SOC 1, 2 and 3
- SOC 2 Type 2
- FISMA, DIACAP and FedRAMP
- DOD CSM Levels 1-5
- PCI DSS Level 1
- SO9001 / ISO27001
- ITAR
- HIPAA
Data Center Security
Data sovereignty is important to many of Dropsuite’s international partners. To that end, we can provide data center support to many country-locations. For example, we provide AWS data center support in Canada, ensuring that the data for all our SaaS products and solutions remain within Canadian borders, adhering to PIPEDA, the Canadian Privacy Act, and/or GDPR rules.
Data Protection Compliance
Dropsuite has proactively appointed its own Data Protector Officers (DPOs) that are trained in data privacy and data security to ensure legal compliance with various data protection laws. Our DPOs work closely with the product and engineering team to ensure legal compliance requirements are embedded into the development lifecycle of our products.