PeopleVine is dedicated to the security and compliance of our platform in order to protect your business when using our tools. Here are many of the things we perform to achieve the highest level of security in our platform:
- We perform weekly vulnerability scans to identify any potential threats to our platform and our users data through Trustwave. This scanning is performed weekly on our new development code along with tests monthly on our production code.
- We perform monthly PCI Certification through Trustwave across our API, Control Panel and Portal. This meets the industry standard for credit card processing. (please note your site running in our portal may not be compliant, individual PCI compliance scanning on your website is highly recommended).
- We perform quarterly Penetration Tests through Evolve Security to identify any potential risks within our application and architecture. Most companies do this annually, we do it quarterly to ensure your data is always safe in PeopleVine.
- As well, we lock down access from the outside world (by IP Address) to many of our core internal components in order to ensure the public can't get to it.
We also provide the tools necessary so you can achieve the following compliances:
- GDPR Compliance which is designed to provide general data protection for your consumers with full transparency on how their data is used and the self-service tools necessary to remain compliant.
- HIPAA Ready which allows our clients in the healthcare space to ensure data related to healthcare activity is properly managed. This also provides our platform with best practices on keeping sensitive data secured.
Our multi-tenant platform is hosted in Microsoft's Azure within their data centers. Please see their data center policy on physical security.