Data security and infrastructure are an integral part of RolePoint’s technology. We’re committed to ensuring all necessary security precautions are taken and we comply with the leading standards, security certifications and penetration testing available.
Access to all data centers is strictly managed. Permission is only granted to a privileged few granted with clearance. These locations are scattered throughout their US bases, with heavy security and monitoring. Access to the data centers are broken into levels of authorization. The highest of which requires multiple key cards access and biometric scanning.
Some security measures in place:
- Monitored locally and remotely
- 24/7 Security and surveillance, both physical and heat sensitive CCTV
- Restricted and verified access mechanisms
- Established multistage procedures to manage access policy
System and Network
Custom software monitors and manages all infrastructure. This ensures resilience to threats. Security consultants work on regular schedules to continually review and test the security of the platform, safeguarding it from new potential issues. Strict data audits help to uncover possible security flaws on a frequent basis and repairs and responses to occurrences are dealt with immediately. Datastore servers are behind their own firewalls, and are only available to the application they are associated with.
RolePoint is protected by Secure Socket Layer (SSL) providing both server authentication and 256-bit AES data encryption. This ensures that your data is safe, secure and available only to registered users in your organization, with relevant permissions.
Endpoint Protection Mechanism
Authentication is on all public end points and SSL encryption protecting credentials.
- 128 bit TLS 1.2 using AES_128_GCM with ECDHE_RSA key exchange.
- Data at Rest: Each Cloud Storage object’s data and metadata is encrypted under the 128-bit Advanced Encryption Standard (AES-128), and each encryption key is itself encrypted with a regularly rotated set of master keys.
RolePoint’s hosted services are SAS70/SSAE16 compliant ensuring controls, processes and policies that protect data have been audited.
All data centres are ISO27001 accredited with continuous monitoring with restricted access.
All data centres are Safe Harbor accredited.
Client support is provided 24/7 with a 24hr response time SLA along with 99.9% uptime. For more information please see our SLA documentation.
RolePoint’s application is both developed and hosted to manage scalability. It can accommodate fast intense increases in capacity and we’re able to service millions of users, per instance, globally. Our architecture and data stores can withstand significant traffic and information and has been thoroughly load tested.
Our data store provides a robust, scalable storage for your web application, with the following features:
- No planned downtime
- Atomic transactions
- High availability of reads and writes
- Strong consistency for reads and ancestor queries
- Eventual consistency for all other queries
- Each Cloud Storage object’s data and metadata is encrypted under the 128-bit Advanced Encryption Standard (AES-128), and each encryption key is itself encrypted with a regularly rotated set of master keys.
A list of RolePoint's third-party sub-processors is available here.
General Data Protection Regulation
A full of summary of our GDPR compliance and processes is available here.
Need More Information?
Contact us at firstname.lastname@example.org