SOC2 (SOC for Service Organizations: Trust Services Criteria) is a report that provides detailed information and assurance about the controls at a service organization relevant to security, availability, and confidentiality of the
cloud service.

Privacy Shield

Privacy Shield is a program for US companies to demonstrate adequate compliance to EU data privacy standards for the transfer of data from EU to the US.

Data/Network Services

Playvox delivers and supports its services through cloud service provider, Amazon Web Services, that use widely accepted practices and infrastructure to secure customer data. Network services include a combination of dedicated servers and distributed resources.

Further information on our service provider security practices can be found here:
AWS Cloud Security
AWS Compliance Programs

Application Development

We apply secure design patterns and best programming and OWASP practices at every stage of application development using a SecDevOps approach. All code is developed in-house.

Separate environments are maintained for production, staging and development. Customer data is only available within Playvox’s production environment and is never used on a different environment or employee machines. Only authorized system administrators have access to the production environment. Test environments emulate the production environment as closely as possible.

Application servers can be accessed only via HTTPS over TLSv1.2. Logins are protected from brute force attacks. Passwords must be longer than 10 alphanumeric characters, containing both upper and lowercase letters and at least 1 number. Passwords are stored as salted one-way hashes.

Logs from systems and applications are collected, analyzed and audited. Monitoring services proactively check systems, computer and network components to ensure service availability and performance. Both logging and monitoring are used to identify security incidents and to prevent abuse.

Security testing is integrated in image creation and code deployment, continuous vulnerability assessments are performed against the web stack and the software libraries we use. A third-party penetration test is performed annually to identify and remediate detected vulnerabilities.

Playvox +1 (415) 854 - 3801 /
530 Lawrence Expy #905 Sunnyvale, CA 94085