We take security and privacy seriously, adhering to enterprise-level security standards that keep your customer data protected.
We have a globally distributed security team on-call 24/7. Our team is constantly monitoring security notifications from all 3rd party software libraries and if identified, we immediately apply any relevant security patches as soon as they are released. Our engineers work together with the product teams to ensure that all of Visitly’s code and infrastructure follows a secure development lifecycle process.
Visitly is committed to providing secure products and services to safely and easily manage billions of digital identities across the globe. Our external certifications provide independent assurance of Visitly’s dedication to protecting our customers by regularly assessing and validating the protections and effective security practices Visitly has in place.
Visitly successfully completed the AICPA Service Organization Control (SOC) 2 Type II audit. The audit confirms that Visitly’s information security practices, policies, procedures, and operations meet the SOC 2 standards for security.
Visitly was audited by Prescient Assurance , a leader in security and compliance certifications for B2B, SAAS companies worldwide. Prescient Assurance is a registered public accounting in the US and Canada and provide risk management and assurance services which includes but not limited to SOC 2, PCI, ISO, NIST, GDPR, CCPA, HIPAA, CSA STAR etc. For more information about Prescient Assurance, you may reach out them at [email protected]
An unqualified opinion on a SOC 2 Type II audit report demonstrates to the Visitly’s current and future customers that they manage their data with the highest standard of security and compliance.
Customers and prospects can request access to the audit report by sending an email to [email protected].
All of Visitly’s application and data infrastructure is hosted on Amazon Web Services (AWS), a highly scalable cloud computing platform with end-to-end security and privacy features built in.
Designed with redundancy, fault tolerance and disaster recovery at the forefront, our services are distributed across three separate availability zones (data centers). All our infrastructure is within our virtual private cloud (VPC) with production access restricted to operations support staff only. This allows us to leverage complete firewall protection, private IP addresses and other security features.
For more specific details regarding AWS security, please refer to https://aws.amazon.com/security/.
We strive for a 99.99% uptime for our product and to support that, we host our monitoring and logging systems outside of AWS and employ a variety of tools to accurately monitor and report on any anomaly that could impact the delivery of our services.
All data is stored in AWS infrastructure, housed in Amazon-controlled data centers. Only those within Amazon who have a legitimate business need to have such information know the actual location of these data centers, and the data centers themselves are secured with a variety of physical controls to prevent unauthorized access. It is safe to say Amazon is much better at physical security than we are capable of being, so we leave it to them.
Through the use of automated and manual analysis, as well as constant security review of 3rd party libraries, we ensure to the best of our abilities that we are delivering products that are free from security defects. Visitly web application communications use TLS v1.2 for encryption in transit, and cannot be viewed by a third party. Visitly iPad application does not store any data locally and all the data is stored in our data centers only.We enforce the same level of encryption used by banks and financial institutions.
Additionally, we support a number of security focused features to help keep your data safe
Visitly supports TLS encryption on all inbound and outbound email. For an explanation of how email encryption works, we recommend this overview from Google.
We design all services with high availability in mind. Our goal is to deliver 99.99% uptime across all our products. In order to achieve this goal, we follow a number of engineering best practices