Security Statement

LAST UPDATED : MAY 25, 2018

Serious about your security

The security of your data and earning your trust is core to our culture, processes and everything we build

Data center security

BrainStorm Inc (OneProvider)

PlatformStay services and your data is hosted on BrainStorm Inc (OneProvider) a global leader in Infrastructure as a Service (IaaS).

Amazon Web Services

PlatformStay backs up data to Amazon Web Services (AWS), a global leader in Infrastructure as a Service (IaaS). Amazon take physical and network security seriously. Their data centres are housed in nondescript facilities. Physical access is strictly controlled both at the perimeter and at building ingress points by professional security staff, video surveillance, intrusion detection systems, and other electronic means. Access to their data centre floors requires two-factor authentication a minimum of two times.

Amazon maintain multiple certifications for its data centers, including ISO 27001 compliance, PCI Certification, and SOC reports. Their reports can be found on the AWS Compliance website and you can read more about the specifics of their approach at https://aws.amazon.com/security/ .

Amazon maintain multiple certifications for its data centers, including ISO 27001 compliance, PCI Certification, and SOC reports. Their reports can be found on the AWS Compliance website and you can read more about the specifics of their approach at https://aws.amazon.com/security/ .

OVH

Some PlatformStay back office support services run on OVH a global leader in Infrastructure as a Service (IaaS). OVH is committed to ensuring optimal security for its infrastructures. This includes implementing a security policy for information systems, and meeting the requirements for multiple standards and certifications (PCI-DSS certification, ISO/IEC 27001 certification, SOC 1 TYPE II and SOC 2 TYPE II certificates, etc.)


Access control

You choose who to invite to your PlatformStay account and the permissions they have. Our team have access to an admin login on your account for the purpose of administration and support.

Internal controls

Keeping systems safe is part of our daily life here at PlatformStay. We have strict internal policies and processes to keep our team and their kit safe, to protect our assets, and to limit access to sensitive systems and infrastructure to key staff on a needs-only basis.

Backup and availability

Our systems automatically replicate your data to maximize availability. Data is backed up once a day, to ensure we can restore access to your data and the service in the unlikely event that the database fails or is corrupted.

Updates

We update PlatformStay regularly in accordance with our software release management processes, which includes source code reviews.

Payment card data

We maintain PCI-DSS compliance for payment collection. We do not store credit cards on our systems.

Concerns or want to contact us?

For concerns that are urgent or sensitive, please email us on our sensitive support channel info@platformstay.com so that it can be handled promptly by our security team.