Customerly security program best practices

Customerly implements a comprehensive security program with multi-layered protections, including encryption, access control, and data backup, to safeguard user data. These best practices ensure system resilience, data privacy, and compliance.

Written by Luca Micheli. Last update 24 days ago

At Customerly, security is at the core of our operations. We believe in a holistic and multi-layered approach to safeguarding data, ensuring that our platform is resilient, secure, and compliant with industry standards. Below, we outline the key security measures and best practices implemented to protect your data and maintain system integrity.

Encryption Standards

  1. Data in Transit
    We use HTTPS with Transport Layer Security (TLS) to encrypt all data transfers between your browser and our servers. This protects your data from being intercepted or tampered with during transmission.

  2. Data at Rest
    Customerly encrypts all data stored on our servers using AES-256 encryption via Amazon Web Services (AWS). This ensures that your data remains secure even if unauthorized access to storage were ever attempted.

  3. Encryption Key Management
    Our encryption keys are managed by AWS Key Management Service (KMS), providing an additional layer of security for cryptographic operations.

Access Control

  1. Role-Based Access Control (RBAC)
    Customerly uses Role-Based Access Control (RBAC) to limit data access. This ensures that team members can only access the data they need for their specific roles, minimizing the risk of unauthorized access.

  2. Two-Factor Authentication (2FA)
    Administrative access to our systems is protected by two-factor authentication (2FA), adding an extra layer of security for sensitive data and systems.

  3. IP Whitelisting
    We implement IP whitelisting, allowing only approved IP addresses to access Customerly systems. This reduces the risk of unauthorized external access.

Data Backup and Recovery

  1. Frequent Data Backups
    To protect against data loss, Customerly performs hourly backups of all critical customer data. This ensures that, in case of an incident, we can quickly restore data with minimal disruption.

  2. Multi-AZ Redundancy
    We employ Multi-Availability Zone (Multi-AZ) redundancy, meaning customer data is stored in multiple geographic locations to ensure availability and resilience against data center outages.

  3. Rapid Recovery
    In the event of data loss or system failure, our recovery procedures allow us to restore data within minutes, minimizing any downtime or impact on your business.

Risk Assessment and Monitoring

  1. Continuous Risk Assessment
    We regularly assess potential risks, including software vulnerabilities, unauthorized access, and data corruption. This proactive approach allows us to mitigate risks before they affect your data.

  2. Real-Time Monitoring
    Customerly employs real-time monitoring to detect unusual activities on our systems. This enables immediate responses to potential security incidents, reducing the likelihood of data breaches.

  3. Audit Logs
    All system access and data modifications are logged and reviewed periodically. This ensures traceability and accountability for any changes made within our platform.

Incident Response and Recovery

  1. Incident Response Plan
    Despite our best efforts to secure systems, incidents can happen. Our Incident Response Plan includes steps to contain and resolve any breaches or failures, ensuring minimal impact and swift recovery.

  2. Disaster Recovery
    Our infrastructure is backed up and managed as code, allowing us to quickly recreate systems in case of failure. With autoscaling groups and redundancy measures, our services remain operational even during unforeseen disruptions.

Compliance and Security Certifications

  1. GDPR Compliance
    Customerly adheres to GDPR regulations, ensuring that your data is handled in a transparent and lawful manner.

  2. Regular Audits
    We perform regular security audits to ensure compliance with industry standards and continuously improve our security posture.

Shared Responsibility in Security

While Customerly takes significant measures to protect your data, security is a shared responsibility. We encourage users to:

  • Use strong, unique passwords for their accounts.

  • Enable two-factor authentication where applicable.

  • Regularly update security settings to stay protected.

For any questions about our security practices, or to discuss how you can further enhance your data security, feel free to reach out to our support team. We are committed to keeping your data safe.
