Security controls and processes
Security and privacy of your data are our #1 concern. As such, we invest heavily to ensure that your data in our systems is safe, secured, and always available.
Pepperi is ISO/IEC 27001: 2013 certified, an international information security standard. This certification ensures IT leaders that Pepperi’s technology and processes meet the highest global standards.
Pepperi is also ISAE 3402 compliant, providing the necessary assurances that Pepperi follows the applicable controls and standards to provide services to companies who are under SOC regulation, including Sarbanes-Oxley.
The Pepperi ISO 27001 and ISAE 3402 certificates, Statement of Applicability, and related reports are available upon request.
Pepperi secures all data communication to and from our service using the SSL/TLS protocol, ensuring that users have a secure connection from their browsers and mobile apps to our service. We employ both server authentication and data encryption to ensure that your data is safe, secure, and available only to registered users.
Our cloud-based web applications are protected by best-of-breed web application security software, safeguarding from web attacks, DDoS, site scraping, and fraud.
Your data at Pepperi is replicated across data centers in different geographic locations. We perform regular disaster recovery tests to verify our projected recovery times and the integrity of our customers’ data.
We archive daily, monthly, quarterly, and yearly snapshots of your data to ensure full recovery in the event of an unforeseen failure.
Our Information Security team monitors notification from various sources and alerts from internal systems to identify and manage threats.
• Perimeter firewalls and edge routers block unused protocols
• Internal firewalls segregate traffic between the application and database tiers
• Denial of Service protection controls