We have developed a security strategy that focuses on emerging trends in the cybersecurity field and common threats that impact businesses in the technology sector. Below are some common questions and concerns when it comes to security. If you have an additional question, feel free to email us at [email protected]
Protecting Customer Data
Snitcher supports TLS v1.3 encryption to protect communications between customer web applications and Snitcher systems. All data received from customers is encrypted at rest using AES-256-bit encryption while in storage. We highly recommend that customers configure webhooks using TLS v1.2+.
We restrict the number of personnel with access to information systems containing sensitive data. Customer data is only accessible by those who need to access it for their work, e.g., responding to a customer support case or resolving a technical issue requiring engineering input.
Data is deleted from our systems using automated policy-based expiration periods once data has met the retention schedule. We also perform data removals through manual delete operations to fulfill ad-hoc requests (e.g., privacy requests).
We have internal security and privacy policies in place to support our staff with dos and don’ts of handling customer data. These policies are built in accordance with international standards.
Cloud and Network Architecture
We use Amazon Web Services (AWS) and DigitalOcean data centers located in Europe (Frankfürt, Germany, and Amsterdam, the Netherlands).
The AWS cloud infrastructure has been designed and managed in compliance with regulations, standards, and best practices, including SOC 2, ISO 27001, FedRAMP, GDPR, CCPA, and PCI DSS Level 1.
To learn more about the security standards and frameworks that our AWS cloud data centers comply with, please visit: https://aws.amazon.com/compliance/programs/
DigitalOcean data centers also maintain compliance with various security standards and best practices, including SOC 2, ISO 27001, GDPR, and CCPA.
To learn more about the security compliance of DigitalOcean data centers, please visit: https://www.digitalocean.com/security
Our application is designed with redundancy for network and power failover protection. In the event of component failure, a redundant counterpart is available to handle the load, ensuring our systems remain available.
Physical and Environmental Protection
Physical access controls to safeguard employees and protect systems that access, store, transmit, or process user information are implemented and include electronic access doors, video surveillance, security guards, visitor access controls, and security zones.
Data center equipment is protected from environmental threats using automatic fire detection and suppression equipment, climate control which prevents overheating and reduces the possibility of service outages, water leakage detection and removal, and uninterruptible Power Supply (UPS) units to provide backup power in the event of an electrical failure.
We implement various mechanisms and are constantly improving the monitoring of our networks, servers, and applications. We monitor errors, availability, system behavior, load, and other resource usages.
If you have any questions about Snitcher’s security program or if you need to escalate a security concern, please contact us at [email protected].
If you need a printed version of this information, use the 'print' and 'save as PDF' options from your web browser.