Trust & Security

Three words: enterprise-ready, secure, and trusted. Reliable access to Platform28’s services is crucial to our customers’ success, so we make availability and security primary design considerations for all of our services, infrastructures, and operations.

Resilient and Reliable Infrastructure

We deliver our products on the world-class infrastructures of Amazon Web Services (AWS) and Google Cloud Platform (GCP). These multiple, geographically distributed data centers run simultaneously with the same functionality, ensuring the underlying infrastructure is never a single point of failure. In the rare event of data center service disruption, automated processes move traffic away from the affected data center to an unaffected one. AWS and GCP also maintain ISO 27001 and SOC 2 Type II certifications, which validate their physical, environmental, and infrastructure security protections. AWS certificates are accessible at the dedicated AWS Security and AWS Compliance pages. GCP audit certifications are available at Google Cloud’s Compliance Offerings space.

trust security

Resilient and Reliable Software

We build our platform using a microservice and API architecture. Microservices are an alternative to the traditional monolithic development approach, in which an application’s structure is a single, autonomous unit. Each microservice is only a part of the entire application’s functionality and deploys independently (i.e., chat, audio recording, resource management). As a result, multiple instances of a microservice are able to actively service each function at any given time. If one microservice fails, there are multiple other live instances available to take its place automatically.

Resilient and Reliable Software

On-Demand Scalability

Our services automatically scale up and down with demand, even if demand grows beyond our expectations. Thanks to the built-in monitoring tools, each microservice operates at the desired performance levels at all times. When demand spikes, the system automatically increases constrained resources to maintain a high quality of service.

On-Demand Scalability
Employee Background Checks

Employee Background Checks

Before a new employee joins our team, Platform28 verifies their education and employment history and performs internal and external reference checks. Where local labor law and legal regulations permit, we may also conduct criminal, credit, immigration, and security checks. The scope of these background checks depends on the position.

Security Training

Security Training

All new Platform28 employees undergo mandatory security training as part of the orientation process. They also receive ongoing security training in the course of their work. During onboarding, new employees agree to our Code of Conduct, which addresses our commitment to keeping customer information secure. Depending on their job role, additional training on specific security aspects may be required.

Dedicated Security Manager

Dedicated Security Manager

We have a dedicated risk and compliance manager on the team. They work in tandem with our executive leadership and subject matter experts to codify security procedures and best practices and ensure ongoing compliance.

Operational Security

Operational Security

Our operations team uses a set of monitoring alert rules to define critical security and availability standards for the production environments of all our services. The team also employs third-party and internally developed monitoring and analysis tools to closely monitor any unusual activity.

Independent Third-Party Certifications

Independent Third-Party Certifications

We are currently in the process of obtaining the following security certifications for all Platform28 services:

  • Payment Card Industry Data Security Standard (PCI DSS). PCI DSS is a proprietary information security standard administered by the PCI
  • Security Standards Council.

System and Organization Control (SOC) 2 — Type II. This certification validates Platform28’s physical and environmental safeguards for production data centers, backup and recovery procedures, software development processes, and logical security controls.

Data Security

Data Security

We encrypt data-at-rest using 256-bit Advanced Encryption Standard (AES-256) at a storage layer and application-level encryption to meet relevant PCI, SOC, and ISO security requirements.

Latest From The Blog