Every day, our in-house security team reviews every security aspect of SPCE.
3rd party testing
Our site and API are subjected to independent, ongoing penetration testing, security scans, threat detection and greybox assessment by well-respected cyber security firms including Synack, IncludeSecurity, and Qualys.
Real-time audit log
We also keep a real-time audit log of all data access and changes made by administrators, customers, employees and our automated system.
State-of-the-art encryption technology
Your data is transferred with high-grade TLS and multi-layered encryption at rest with AES-128 — the industry-standard for commercial applications. Encryption keys are stored separately from the data, and it’s all hosted in our off-site, secure cloud infrastructure.
Data center security
Our server hosting locations are physically secured, staffed 24 hours a day, 7 days a week, 365 days a year by trained security guards who’ve undergone a thorough auditing process.
Access to sensitive data requires two-factor authentication and is restricted only to authorized personnel performing specific tasks for the client (e.g. customer service).
Our system spans numerous physical locations, with N+1 or greater redundancy to establish resilience for all components.find out more
We store backups in multiple secure locations and update them throughout the day, every day.find out more
Our technology ensures high availability of your information: 99.9% uptime (with security in mind).find out more
Our system spans numerous physical locations, with N+1 or greater redundancy to establish resilience for all components.
We store backups in multiple secure locations and update them throughout the day, every day.
Our technology ensures high availability of your information: 99.9% uptime (with security in mind).
If you think you may have found a security vulnerability within SPCE, please get in touch with our Security Team