Book a call

Certifications and attestations

With over 20 years of experience partnering on digital projects, and 24/7 local support, you can be confident that we’re invested in your success.

  • ISO 27001 certifies the confidentiality, integrity and availability of Squiz and our client information.

    Read More
  • CSA STAR provides the assurance that Squiz implements security best practices to all its services.

    Read More
  • Squiz holds SOC 2 Type 1 accreditation and operates according to the SOC 2 framework, ensuring data remains secure, available, and confidential.

Security overview

Squiz Cloud

Learn how Squiz manages cyber threats and the security capabilities Squiz Cloud hosting can provide for your organization.

Learn more

Squiz SaaS Platform

Discover how Squiz DXP architecture provides a highly available, fault-tolerant, and secure solution to its customers.

Learn more

Data security

Hosting

We leverage AWS security features and varied certified data centre providers to improve redundancy.

Hardening

Our infrastructure is provisioned using vendor and CIS benchmarks to minimise vulnerability.

Least privilege

We use a role-based access model to easily limit access to only those who need it.

Encryption

Our solutions allow encryption at REST when required, and protect the information in transit with TLS encryption.

Data centre protection

Data centres are protected with 24/7 security personnel, closed-circuit television cameras, secure authentication systems, redundant power and cooling, etc

PCI DSS

Where requested, Squiz can provide hosting aligned to PCI DSS v3 for customers that process credit card information.

Product security

Development

Our web solutions are built considering current threats using frameworks like OWASP.

Data segregation

Customer data is stored in silo and separated from other customers.

Application access

You control access of the users, using your instance of our solutions.

BYOK

Bring your own key (BYOK) allows you to use your own SSL certificates for encryption in transit.

Risk-based approach

Security testing

Squiz commissions independent penetration tests against the Services on an annual basis.

Vulnerability scans

Automated network scans run on a daily basis to detect anomalous network configurations, with appropriate processes to catch exceptions and undertake remediation.

Monitoring

Squiz undertakes proactive monitoring of third party vulnerabilities that would impact its services and/or products.

Backup & restore

Data is backed up on a nightly basis and replicated offsite. A process ensures the ability to restore customer data in the event of a disaster or a significant data corruption event.

High availability

Our AWS hosted solutions ensure it is always available using the latest AWS availability features across multiple availability zones.

Region based

Choosing one of our locations, means your data remains within that region.