This article provides an overview of the security features of the PeopleVine platform and our vendors.
PeopleVine's shared (SaaS) environment is hosted in Microsoft Azure using a combination of Web Apps, Azure VM, Storage and other components of the Azure platform. Microsoft has detailed a document highlighting the overall security settings in place for data stored and transmitted via Azure here.
On top of the security levels provided by our vendor(s), PeopleVine also employs several security mechanisms to guarantee the safety of your data and user experience:
- PeopleVine maintains PCI DSS compliance on a monthly basis through Trustwave, a leader in trusted commerce. This applies both to our API, control panel and portal screens.
- As requested by clients, PeopleVine has the ability to meet HIPAA requirements as we currently leverage a proprietary algorithm for encrypting personal data.
- All client data is separated by several key elements.
- Each request sent to our platform runs through several levels of authentications to ensure proper access of the data based on the user's permissions and access.
- Security is handled both in our customer facing tools, such as the control panel and portal, as well as the API to ensure multiple levels of security.
- Credit card data is highly encrypted in our platform via a proprietary algorithm and since we maintain PCI DSS compliance, we do not store CVV.
- API applications built on the PeopleVine platform can only access other company accounts if the user has authenticated through PeopleVine directly. So your username and password is never shared with the 3rd party app.
- All content built in the PeopleVine platform is only visible via a registered domain name, so you can not access another company's information without having the direct URL or access.
- All media files uploaded throughout the PeopleVine platform (unless otherwise checked to keep the same name) are encrypted with a unique identifier, folder and extension in order to prevent file/folder browsing.
- All transaction data includes the IP Address, Session ID and Device Info of the person who submitted the transaction for trace-ability purposes.
We take security serious within the PeopleVine environment and work with leading vendors to ensure data is encrypted and secured at the highest level.