This article provides an overview of the security features of the PeopleVine platform and our vendors.
PeopleVine's shared (SaaS) environment is hosted in Microsoft Azure using a combination of Web Apps, Azure VM, Storage and other components of the Azure platform. With the reliability of Microsoft and the scalability of the cloud, we can dynamically handle volume on a needed basis to ensure a quick and engaging experience for your consumers. Microsoft has detailed a document highlighting the overall security settings in place for data stored and transmitted via Azure here.
Redundancy and Backups Built In
PeopleVine has built in redundancy spreading its database and web server across both the west coast and east coast of USA to ensure complete availability in the event of an outage in a specific region. We also ensure that all content, files and data are backed up on a daily basis in the event a data retrieval is needed.
CDN, Bandwidth and Usage
All media (files, graphics, etc.) that are uploaded into the PeopleVine platform are automatically added to our Content Delivery Network (CDN) in order to ensure the quickest retrieval time available. There are no limitations on bandwidth and usage of the PeopleVine platform provided you are actively enrolled in a PeopleVine plan. Although we do currently cap file sizes to 10MB, we do plan on increasing this in the near future.
Support from Azure
PeopleVine maintains an active support plan with Azure support to ensure we get quick responses and fixes in the event there's a system outage or glitch that needs to be resolved.
To learn more about Azure visit www.azure.com.
On top of the security levels provided by our vendor(s), PeopleVine also employs several security mechanisms to guarantee the safety of your data and user experience:
PeopleVine maintains PCI DSS compliance on a monthly basis through Trustwave, a leader in trusted commerce. This applies both to our API, control panel and portal screens.
As requested by clients, PeopleVine has the ability to meet HIPAA requirements as we currently leverage a proprietary algorithm for encrypting personal data.
All client data is separated by several key elements.
Each request sent to our platform runs through several levels of authentications to ensure proper access of the data based on the user's permissions and access.
Security is handled both in our customer facing tools, such as the control panel and portal, as well as the API to ensure multiple levels of security.
Credit card data is highly encrypted in our platform via a proprietary algorithm and since we maintain PCI DSS compliance, we do not store CVV.
API applications built on the PeopleVine platform can only access other company accounts if the user has authenticated through PeopleVine directly. So your username and password is never shared with the 3rd party app.
All content built in the PeopleVine platform is only visible via a registered domain name, so you can not access another company's information without having the direct URL or access.
All media files uploaded throughout the PeopleVine platform (unless otherwise checked to keep the same name) are encrypted with a unique identifier, folder and extension in order to prevent file/folder browsing.
All transaction data includes the IP Address, Session ID and Device Info of the person who submitted the transaction for trace-ability purposes.
We take security serious within the PeopleVine environment and work with leading vendors to ensure data is encrypted and secured at the highest level.