At getResponding, we prioritise the security of our customers' data and the integrity of our platform. In an era where cyber threats are ever-evolving, we have implemented a robust security framework to protect sensitive information and ensure that our services are secure and reliable.
This document outlines the security measures and practices we have implemented to safeguard our application, infrastructure, network, and data, providing our customers with peace of mind.
To ensure the highest level of security for enterprise and user information, getResponding enforces Multi-Factor Authentication (MFA) across its platform.
getResponding implements a robust password policy. Passwords are required to meet industry-leading complexity requirements.
Data in Transit: All data communications within our platform are secured via HTTPS and encrypted with TLS 1.2+.
Data at Rest: Encrypted using AES-256 within AWS and OpenAI. getResponding is committed to following encryption best practices per industry guidelines and continually reviews the rigour of current encryption standards.
Application-Level Encryption: Additional encryption for sensitive data, including Personally Identifiable Information (PII).
Secrets Management: Relevant secrets are securely stored within AWS Secrets Manager.
In-Support Infrastructure & Services: getResponding will ensure all underlying infrastructure is actively supported by our vendors (currently AWS). Any infrastructure or services that are at risk of End-of-Support or End-of-Life will be upgraded to the appropriate In-Support versions.
Virtual Private Cloud (VPC): The application is hosted within an AWS VPC, providing network isolation.