Best-in-Class Security, Designed for Enterprise Standards
Our platform is built with Enterprise-grade security to protect your data. Engageware upholds best-in-class industry security standards, protocols, procedures and training across our global platform.
Seamless Security Integration
Infrastructure
Our products utilize both the AWS and GCP clouds to deliver best-in-class service. Our products are delivered in a high-availability architecture that uses multiple Availability Zones, and are secured using endpoint protection technologies like EDR, network segregation, and frequent patching.
Application
Our applications are engineered to follow OWASP secure coding best practices. Our SDLC employs third-party security checks, vulnerability detection, and peer reviews, and includes multiple QA and UAT environments. Application penetration tests occur regularly.
Data
Protection of your data is important to us. We comply with data privacy standards such as GDPR, CCPA, and the PDPA. In-transit and at-rest encryption using secure protocols and ciphers is enforced.
Personnel
All personnel at Engageware are required to undergo security and data protection training every year. Monthly refresher training courses and consistent phishing tests help keep us ready. Comprehensive background checks and annual policy reviews help keep our policies and procedures top of mind for the entire staff.
We’re enterprise ready, deploying with the highest security and encryption industry standards
SOC 2
Engageware safeguards client information with strict adherence to SOC 2 standards. Our SOC 2 compliance certifies that we have implemented robust controls, including data encryption, access management, and 24/7 system monitoring, to protect sensitive data.
GDPR
Engageware is in compliance with the General Data Protection Regulation (GDPR). We ensure that your personal information is handled with the utmost care. Our products are designed to give you control over your data. You have the right to access, correct and delete personal data at any time.
ISO/IEC 27001
Our Conversational AI products at Engageware are also certified against the Information Security Management 27001 (ISO/IEC 27001) standard. This standard ensures our products meet rigorous international standards for managing and protecting data.
Frequently Asked Questions
- How do you segment environments?
Our production environment is completely separate from DEV, TEST and QA. We leverage multi-factor authentication and RBAC permissions from our corporate Identity Provider to provide auditable access controls only to those who need it.
- How do you ensure Data Protection?
To guarantee data protection, we use strict access controls along with robust encryption.
Our staff doesn’t access or interact with customer data or applications as part of normal operations. All of our Enterprise customers’ data is encrypted using TLS 1.2 or higher protocols. Implementing TLS establishes the use of strong, industry-approved encryption.
Data stored at rest is encrypted using the AES-256 algorithm.
- How do you handle High Availability?
All applications are supported by redundant services across 2 or more zones (data centers). This helps ensure that, even with a zone outage, our service will still be available.
Database replication has also been implemented with a master-slave setup, each with automatic replication in a different zone. This deployment automatically provides and maintains synchronous standby replication within a different availability zone.
The entire solution is behind a load balancing cluster that handles distributing the workload among all the instances.
- How is Data Isolated?
We offer our services through multi-tenant architecture. This means the application and infrastructure are shared among several customers.
To ensure the confidentiality, integrity and availability of customer information, our solution ensures that:
- Each customer can only access their own data and metadata
- Capacity scales dynamically to satisfy peak demand
- Each customer can only see their settings and customizations
- What is your Data Privacy policy?
We are GDPR-compliant. We protect the personal data of customers and users thanks to specially designed technical, physical and administrative security measures.
The data we collect is strictly detailed in our Privacy Policy.
We only use the collected information in accordance with this policy and for specifically stated reasons.
We guarantee the data protection rights of customers and users and provide a way to exercise them effectively.
If you have any concerns, contact privacy@engageware.com.
- Do you support Single Sign-On (SSO)?
Yes. We support any SAML-based SSO Identity Provider. We actively encourage the use of Single Sign-On.