Personal data is a valuable commodity in today’s digital world. It ensures that your business thrives and expands by offering the products, services and experiences that your customers truly want, when they want them. Reflecting this tremendous value, the digital collection of personal data has never been under closer scrutiny.
Built for data-sensitive environments, Glassbox understands that the security of the data collected and stored by our customers is nothing less than critical. To deliver the peace of mind that our customers deserve, we apply four layers of security.
As an accreditation for these practices, Glassbox is SOC 2 certified, ensuring the highest international standards and best practices in information security.
- Our developers work according to a Secured Software Development Life-Cycle (SSDLC) in all the development stages: planning and requirements, architecture and design, test planning, coding, testing and results, release and maintenance.
- Penetration Tests (PT) and Audits: a 3rd party runs our PT and Audits on a monthly basis.
- We work according to FIPS-140/2.
- When our Customers choose to deploy Glassbox in the Cloud, each Customer gets its own isolated environment.
- Application level resources are never shared.
- We use a dedicated hardware per request.
- All the data is encrypted.
- Glassbox supports Single Sign-On (SSO) including SAMEL2.
- Functions are driven by roles (Menu & Controls).
- Permissions are given per application e.g. (www.mywebsite.com/app1 VS www.mywebsite.com/app2).
- Configuration is encrypted.
- Audit log - Each and every change to the Glassbox system is being audited.
Data & masking
- Data is being encrypted at rest and on transport.
- Data can be masked at any level, from end-user level to system level.
- Personally Identifiable Information (PII) can be encrypted and visible to authorized users only.