Vizibl Security

Enterprises trust Vizibl with data and I.P.

Our technology has been built to stringent international security standards with global organisations in mind.

Vizibl Security

Security for collaboration

Security is a part of our company culture. We regularly monitor, test and review security in our product and in the cloud with automated back-ups for absolute peace of mind.

Vizibl product security

Our team has built Vizibl with security top of mind. We have deployed an array of security features to meet the highest standards for global enterprises and offer you peace of mind.

Uptime

Vizibl experiences 99.5% or more uptime. Our Service Level Objectives include:

  • RTO 8 hours
  • RPO 1 hour

SSO

Vizibl can be configured to allow 1-click Single Sign-On (SSO) from your network to ensure ease of access and security.

Password protection

All user passwords are protected with cryptographic hash algorithms. Users must provide their own secure password for each instance which is neither known, nor distributed by the system. Vizibl has password policy parameters that include password expiration, history and minimum length.

User authentication

Vizibl supports Two-factor and Multi-factor authentication to safeguard access to data and systems whilst also meeting the need for a simple sign-in process.

Users can select to enable Two-factor authentication (2FA) for their account requiring a user to enter a generated security code in addition to their regular password to log in. A company administrator can request Vizibl to mandatorily apply these features for all users in a Vizibl company, organisation or relationship.

Why Vizibl?

Vizibl product security

Our team has built Vizibl with security top of mind. We have deployed an array of security features to meet the highest standards for global enterprises and offer you peace of mind.

Data processing

Vizibl’s data privacy policies are aligned with The General Data Protection Regulation (EU) 2016/697 (GDPR). Vizibl incorporates a Data Processing Agreement (DPA) into the customer Master Agreement. The DPA sets out additional terms, requirements and conditions on which the Processor will process personal data when providing services under the Master Agreement.

Data encryption

All data in Vizibl is encrypted at rest using an AES-256 encryption. Interactions with Vizibl (e.g., API calls, login, authenticated sessions to the customer's portal, etc.) are encrypted in-transit with TLS 1.0, 1.1, or 1.2 and 2,048 bit keys or better. We use industry standard 2048 bit SSL encryption for communications between your computer and our servers.

Pentesting

Vizibl adopts the CREST Infrastructure Security Framework, a rigorous annual assessment of Vizibl’s network for flaws and vulnerabilities at the network and operating system layer. The detailed results of this stringent process are available upon request under a nondisclosure agreement.

Security monitoring and alerts

Our automated monitoring, alerting and response technologies operate permanently. Our product infrastructure is instrumented to alert engineers and administrators when anomalies or malicious activities occur, including error rates, abuse scenarios, application attacks, and more. Automatic responses and alerts are triggered for our teams to rapidly respond, investigate and correct.

Product security infrastructure

Automated triggers are built into Vizibl to respond to security events. Actions include traffic blocking, quarantine, process termination, and similar functions, which automatically activate at predefined thresholds to ensure the Vizibl platform protects itself.

Security Operations team

Vizibl operates a 24/7/365 programme to monitor, log, detect and respond to security alerts. Logs and events are monitored in real time and are escalated immediately at any time to our developers, security analysts and engineers to take appropriate action as members of the Security Operations Team.

Data logs

All logins, page views, modifications, and other access to Vizibl environments are logged at the application layer. In the infrastructure back-end, we log authentication attempts, horizontal and vertical permission changes, infrastructure health, and requests performed alongside other commands and transactions.

Security in the cloud

Vizibl’s security and architecture are hosted in Google Cloud which meets the strictest international compliance standards, certifications, laws and frameworks for seamless operations across countries.

  • Cloud Computing Compliance
  • Controls Catalog (C5)
  • CSA STAR
  • Spain Esquema Nacional de Seguridad (ENS)
  • FedRAMP
  • FIPS 140-2 Validated
  • HDS
  • HITRUST CSF
  • Higher Education Cloud Vendor Assessment Tool (HECVAT)
  • Independent Security Evaluators (ISE) Audit
  • IRAP (Information Security Registered Assessors Program)
  • ISAE 3000 Type 2 Report
  • ISO/IEC 27001
  • ISO/IEC 27017
  • ISO/IEC 27018
  • ISO/IEC 27701
  • MTCS (Singapore) Tier 3
  • OSPAR
  • PCI DSS
  • SEC Rule 17a-4(f), CFTC Rule 1.31(c)-(d), and FINRA Rule 4511(c)
  • SOC 1
  • SOC 2
  • SOC 3
  • TISAX
  • U.S. Defense Information Systems Agency Provisional Authorization

Global laws & regulations

  • Argentina Personal Data Protection Law 25,326
  • Australian Privacy Principles (APPs)
  • California Consumer Privacy Act (CCPA)
  • COPPA (U.S.)
  • EU Model Contract Clauses
  • FERPA (U.S.)
  • GDPR (EU)
  • HIPAA
  • My Number Act (Japan)
  • PHIPA
  • The Personal Information Protection and Electronic Documents Act (PIPEDA)
  • South Africa POPI

Business continuity

Vizibl maintains and regularly tests business continuity and disaster recovery plans that focus on:

Preventing outage through redundancy of telecommunications, systems and business operations

Rapid recovery strategies in the event of an availability or performance issue

Automated encrypted backups every hour and maintained in multiple off-site locations

Vizibl company security

Vizibl ensures all employees follow the strictest security standards with thorough background screening, contractual confidentiality and ongoing training as we imbue security into company culture.

Training

Vizibl implements security awareness training during onboarding and throughout employment for all employees. Vizibl’s Security Operations team performs progressive social engineering tests and awareness campaigns to build security into the culture of the company. Vizibl’s developers are trained annually on secure coding practices and secure code review techniques.

Confidentiality

Employees, contractors, and third-party users must confirm in writing that they understand their roles and responsibilities regarding information security and confidentiality as part of their employment or vendor contract. Upon departure, terminated employees are reminded of their confidentiality obligations with user accounts and passwords immediately revoked.

Background checks

Background checks are performed on all employees candidates, including financial and criminal records over the past sevenyears.

Infrastructure access

Access to Vizibl systems is controlled with strict authentication access for absolute security. Production system access logged locally and in a central log repository.

Privacy & terms

Read our Privacy Policy on the collection, use and disclosure of personal data as a Vizibl customer and our Terms & Conditions on accessing our service and technology.

Check it out

Want more of the detail?

Get more information on security and privacy at Vizibl by downloading our factsheet.

Download factsheet 

The Vizibl Platform

Learn more about:

Talk to us about security at Vizibl and we can help your organisation.

Request Demo