Security
SpeakUp protects your data in four ways:
- We control who can access your company’s SpeakUp site.
- We keep your data secret as it traverses the internet.
- We have tight physical and logical security mechanisms in place to keep your data secure as it is stored on our servers.
- We prevent data contamination between SpeakUp customers.
Each of these four topics is outlined below:
- We control who can access your company’s SpeakUp site by leveraging the security of your company’s authenticated e-mail environment. The level of trust inherent in your e-mail systems’ privacy is extended by only allowing users who can prove that they have a real and active e-mail address on your company’s domain name to access your SpeakUp site. As new SpeakUp users within your company attempt to access your SpeakUp site, they are required to verify the authenticity of their e-mail address prior to being able to access any of the information that your colleagues share on SpeakUp.
- We keep your data secret as it traverses the internet by leveraging industry-standard encryption methods. Our TLS certificate is issued by Comodo. Your data is encrypted using the AES encryption algorithm and a 256-bit key. All aspects of an authenticated SpeakUp session are encrypted and private.
- We have security mechanisms in place to protect both our physical servers and the logical systems that reside on those servers. Our physical servers and the network that interconnects them are hosted in an environment that is compliant with multiple stringent IT security standards such as SAS 70, FISMA, PCI DSS, ISO 27001, ITAR, FIPS 140-2, and HIPAA. Standards jargon aside, our physical servers are protected to at least the same levels as those operating in military classified environments and in secure health records environments that contain sensitive personally identifiable medical patient information. This level of protection not only applies to physical security breaches, but also to maximizing reliability, uptime, and the ability to recover from a disaster. Our logical systems are stored in a private hosting environment (not shared with other hosting customers), and are architected to restrict access by default. Whitelisted resources are only accessible via a virtual private network. All resources that do not require an internet facing connection are in private subnets with no direct public internet connection.
- We prevent data contamination to ensure that your company’s SpeakUp site is separated from other SpeakUp customers’ sites. Your SpeakUp site is assigned a unique application ID, and it does not have the capability of accessing resources without that ID. We operate your SpeakUp application instance in the most stringent way possible so that data separation and data privacy are inherent in its design.