fbpx

Security in the AirDeck Cloud

AirDeck is determined to keep your data safe. Learn more about our security and policies.

Our Commitment

Being that AirDeck is a cloud-based company, we are committed to the security of our customers and their data. We are focused on maintaining the highest level of security to keep both you and your data safe. AirDeck undergoes regular penetration testing, encrypts data, and is designed to be GDPR-compliant. We are trusted with some of our customers’ most valuable data, and keeping it safe is our top priority.

High Class Application Security

Data in storage is encrypted using AWS RDS database encryption mechanisms. During transit and rest, all data is encrypted using TLS 1.2+, and deprecated transfer protocols are disabled. Passwords are never stored in plaintext. TLS certificate is managed by AWS and rotated regularly. Physical security for all processing systems is provided by AWS cloud computing services. The only information required for the function of the application is stored by the application storage systems. Billing information is stored by a third party.

Incident Response

Our incident response team immediately addresses issues that arise, affecting our quality of service. Specifically, employees utilize defined escalation paths and strategies regarding the disruption.

Vulnerability Management

AirDeck conducts frequent scans within production infrastructure, applications, and networks to pinpoint vulnerabilities that could potentially impact our system.

Corporate Security

All employees, when hired, go through a federal and local background check and are required to sign a confidentiality agreement, which includes protecting customer information. All computers are equipped with anti-virus scanning software and third-party software which allows us to secure and/or wipe any employee computer.

Software Development Lifecycle Security

AirDeck utilizes a multi-step human review process to ensure quality consistency across our software development practices. Infrastructure configuration is version controlled, allowing for review and approval.

Redundancy

AirDeck uses Infrastructure as Code to define computer resources and can be recreated in an automated fashion.

Viewer Authentication

Users can require viewer contact information and password for content and modify security requirements for custom links at any time.

Single Sign-On (SSO)

Users can be required to authenticate into our system without having the ability to enter additional login credentials.

Backups

Customer data is snapshot daily, and a point in time recovery between each snapshot is available.

Safe & Reliable Infastructure

Amazon Web Services (AWS)

AirDeck uses and trusts Amazon Web Services to ensure secure hosting of production and staging environments. AWS utilizes numerous forms of security such as 24x7 security, video surveillance, biometric scanning, and are certified across various global security and compliance frameworks.

Stripe Payment Processing

AirDeck entrusts Stripe with all payment processing. Stripe’s infrastructure for storing, decrypting, and transmitting card numbers runs in a separate hosting environment and doesn’t share any credentials with Stripe’s primary services. Stripe is certified to PCI Service Provider Level 1.

Get started with
AirDeck today!