“I don’t know where my clients’ data is being stored or what ScalePad does with it. How can I ensure it is safe and secure?”
Protecting your clients’ data is one of your top priorities. At ScalePad, security is our top priority. We have a comprehensive security policy to keep your data and your clients’ data secure. Here’s an overview of our approach to security.
• Limited Data Collection
When you set up a connection to ScalePad, we deliberately limit the surface area of the data we access to the bare minimum required. We only use it for the purposes of providing our service to you. A full list of data collected can be found in our product guide. With regards to your sensitive payment information, we don’t store that at all. It’s handled by our upstream payment gateway—the very reputable Stripe.
• Restricted Access to Data
Access to the entire ScalePad app is limited to strong SSL encryption over HTTPS. Multi-factor authentication is available to implement on all accounts to prevent unauthorized access to your data. The web servers themselves are locked down with multiple firewalls, whitelisting incoming/outgoing traffic and key-based access.
Internally, access restrictions are implemented on all of our systems and servers to better protect your information, and all access is logged (including physical access).
• Secure Amazon Hosting Platform
ScalePad is hosted in AWS secure SSAE 16 / SOC1 certified data centers*. Amazon’s hosting platform is among the most secure and tested systems in history and includes third-party researchers to ensure practices are secure. The entire AWS infrastructure is PCI-DSS certified and maintains PCI-DSS Level 1; SSAE16 SOC 1, SOC 2 and SOC 3; and ISO 27001, 27017 and 27018. These certifications cover selected AWS services, including their:
With these established services, ScalePad delivers a secure, robust, and reliable application you can trust.
*More details on SOC compliance statements are available on the AWS SOC FAQ page.
For more information, refer to our product guide.