SA国际传媒

Your data is our responsibility

Our Security & Trust center provides you with the latest information regarding technical security and data privacy.

The security of our digital workplace

Zero Trust Architecture

Secure access management is a key cornerstone in any tech-enabled business. Using a SASE-architecture, we validate and authenticate at every key decision point in a context-based fashion (considering the user鈥檚 device, its state, location etc).

Awareness and education

People can be the weakest link, but they can also turn into a strong point. This is how we look at it within SA国际传媒. Our teams undergo a dedicated security onboarding, where we create awareness around key threat scenarios that are important for our company.

Secure communication and collaboration

To secure data during day to day work, we rely on a strong foundation. SA国际传媒 uses Google Workspace (Enterprise), end-to-end encrypted communication channels and more dedicated solutions, in order to ensure data is safe at any point in time.

The security of our infrastructure and applications

Cloud Security Posture Management

In order to enhance the security posture of our AWS environment further, our teams have deployed dedicated security tooling that runs continuous security checks. Namely Cloud Security Posture Management (CSPM) and Cloud Infrastructure & Entitlement Management (CIEM) solutions.

System and Runtime security

In addition to leveraging serverless concepts such as AWS Fargate as much as possible, we deploy safeguards in every runtime that we are managing. This includes Endpoint Detection & Response (EDR) and Vulnerability Management (VM) solutions to monitor for indicators of compromise in our environment.

Attack surface management

Taking the attacker's viewpoint is an important (and high-leverage) strategic weapon against attacks. At SA国际传媒, we aim to tightly control our external attack surface to minimize entry points that attackers can exploit.

Edge security

SA国际传媒鈥檚 infrastructure perimeter is protected through Cloudflare鈥檚 edge network and connected Web Application and API Protection (WAAP) capabilities. This added layer of security protects against 0day exploits, volumetric attacks and more.

Let鈥檚 increase the value of your assets
The ROI of tomorrow is green. Increase the value of your assets with SA国际传媒.

The security of customer data

EU data hosting

SA国际传媒鈥檚 EU-based data hosting is among the key infrastructure design decisions that was made early on. AWS is an explicit part of our security model, providing SA国际传媒 with state-of-the-art technology, safeguards and compliance to industry standards.

Multi-tenancy

SA国际传媒 leverages stringent data segregation principles. This means that our customer鈥檚 data is logically separated on the storage level with tight access control rules, such that access is only granted to authorized people even inside of SA国际传媒.

Data encryption

Encryption is an important piece of SA国际传媒鈥檚 data security strategy. At any point when data is processed between our systems, we rely on Transport Layer Security (TLS) for transit encryption. This prevents eavesdropping. For data stored 鈥瀉t rest鈥, we leverage native AWS features to encrypt our data stores by default (S3, RDS, EBS).

Cross-cutting security initiatives

Bug bounty

SA国际传媒 is investing in a close relationship with the cyber security community, and we greatly value their help identifying vulnerabilities in our products. Our Vulnerability Reward Program was developed to honor all the external contributions that help us keep our services safe.

Read more about our Bug Bounty Program

Incident and breach

Our process for managing incidents specifies actions, escalations, mitigation, resolution, and notifications of any potential incidents impacting the security of our platform or data.

Continuous threat modeling

Our Security Team takes this risk-centric viewing angle by regularly conducting threat modeling workshops, to determine where we may have gaps or room for improvement.

FAQ

Product security

How does SA国际传媒 ensure login security?

Our platform鈥檚 authentication is based on Auth0 technology (an Okta company). We support the integration of external identity providers if you would like to connect SA国际传媒 to your company-internal workplace IDP.

Does SA国际传媒 support MFA?

Yes.

Can user activity or audit trails be provided?

Yes, we can provide this upon request.

FAQ

Data security

Where does SA国际传媒 process or store customer data?

Our application is hosted on AWS in EU regions, subject and compliant to EU-GDPR regulations.

Does SA国际传媒 encrypt my data in transit and in rest?

As for data in transit, it is industry standard to rely on TLS with strong ciphers for encryption. So do we at SA国际传媒 for incoming HTTP traffic and connections between internal services.

For persistent storage, our application is hosted on AWS and we rely on several AWS-native storage mechanisms (RDS, S3, SNS, SQS). Whenever possible, we activate and utilise AWS-native encryption mechanisms. RDS as an example is encrypting data with cryptographic keys that are stored in AWS KMS. AES-256 is used to encrypt RDS storage, backups, read replicas, snapshots and so on.

Who has access to the data SA国际传媒 is managing?

Our general design principles are based on zero-trust and need-to-know principles. As such, only dedicated client account managers require such access. In addition, our technology department, who runs the platform, has access to the underlying infrastructure and databases.

FAQ

Governance, Risk, Compliance

Does SA国际传媒 have an information security program?

Yes. Our Security Team takes care of the company鈥檚 security program, annual targets, design principles, architecture decisions and so on. You find a lot of related information in our Security & Trust Center on our website under Keeping our customer鈥檚 data safe is of utmost priority to us and we continue to invest in best-in-class tooling to deliver on this promise.

Is SA国际传媒 security program aligned with industry standards?

Yes. Specifically, we adhere as much as we can to the following standards:
SOC2 Type II
ISO 27001
CIS AWS 1.4.0
NIST 800-171 Rev2
AWS Well Architected
Attestation and benchmarks for select scopes can be provided upon request.

Does SA国际传媒 have any 3rd party security certifications?

We select our service providers with security and compliance in mind. As such, key parties in our provider ecosystem are 100% compliant with industry security standards such as SOC2 Type II or ISO 27001. SA国际传媒 regularly evaluates suppliers in a prioritized fashion according to these requirements.

SA国际传媒 itself has not undergone an audit with certified attestation just yet. Our security framework goes much beyond what industry standards are demanding, however based on our customer鈥檚 feedback, investing in the time consuming process of annual audits and maintaining compliance has not proven to be practically necessary until today.

Does SA国际传媒 regularly undergo penetration testing by a 3rd party company?

Yes. We conduct different forms of testing in cycles.

Most importantly, we run a state-of-the-art, 24/7 vulnerability reward program to detect potential issues as early as possible. Further, we conduct penetration tests and inside-out security audits multiple times per year.