Certifications and attestations
With over 20 years of experience partnering on digital projects, and 24/7 local support, you can be confident that we’re invested in your success.
-
ISO 27001 certifies the confidentiality, integrity and availability of Squiz and our client information.
-
CSA STAR provides the assurance that Squiz implements security best practices to all its services.
-
Squiz holds SOC 2 Type 1 accreditation and operates according to the SOC 2 framework, ensuring data remains secure, available, and confidential.
Security overview
Squiz Cloud
Learn how Squiz manages cyber threats and the security capabilities Squiz Cloud hosting can provide for your organization.
Learn moreSquiz SaaS Platform
Discover how Squiz DXP architecture provides a highly available, fault-tolerant, and secure solution to its customers.
Learn moreData security
Hosting
We leverage AWS security features and varied certified data centre providers to improve redundancy.
Hardening
Our infrastructure is provisioned using vendor and CIS benchmarks to minimise vulnerability.
Least privilege
We use a role-based access model to easily limit access to only those who need it.
Encryption
Our solutions allow encryption at REST when required, and protect the information in transit with TLS encryption.
Data centre protection
Data centres are protected with 24/7 security personnel, closed-circuit television cameras, secure authentication systems, redundant power and cooling, etc
PCI DSS
Where requested, Squiz can provide hosting aligned to PCI DSS v3 for customers that process credit card information.
Product security
Development
Our web solutions are built considering current threats using frameworks like OWASP.
Data segregation
Customer data is stored in silo and separated from other customers.
Application access
You control access of the users, using your instance of our solutions.
BYOK
Bring your own key (BYOK) allows you to use your own SSL certificates for encryption in transit.
Risk-based approach
Security testing
Squiz commissions independent penetration tests against the Services on an annual basis.
Vulnerability scans
Automated network scans run on a daily basis to detect anomalous network configurations, with appropriate processes to catch exceptions and undertake remediation.
Monitoring
Squiz undertakes proactive monitoring of third party vulnerabilities that would impact its services and/or products.
Backup & restore
Data is backed up on a nightly basis and replicated offsite. A process ensures the ability to restore customer data in the event of a disaster or a significant data corruption event.
High availability
Our AWS hosted solutions ensure it is always available using the latest AWS availability features across multiple availability zones.
Region based
Choosing one of our locations, means your data remains within that region.