Digital Setups Company: Security Standard
We’ve taken your security seriously. That’s why we’ve gone the extra mile to ensure the highest level of protection for your data. We’ve partnered with reputable industry leaders who offer secure and certified products to host and deliver our products/services.
You can trust that we’ve made every effort to implement the best possible security standards, giving you peace of mind and a seamless experience. Your security is our top priority.
Secure Cloud Hosting
We have implemented robust security measures at the infrastructure level, such as regular system updates, firewalls, intrusion detection systems, and monitoring tools to protect against unauthorized access and potential vulnerabilities.
Our host partner is AICPA SOC 2 Type II and SOC 3 Type II certified. Additionally, our trusted cloud hosting partner has achieved Cloud Security Alliance (CSA) STAR Level 1.
Secure Network Communication
Our website utilizes SSL/TLS encryption to secure data transmission between the website and its users, especially during sensitive activities like payment processing and user login.
All of our network layer communication is protected by trustworthy partner who is certified with ISO 27001:2013, ISO 27701:2019, ISO 27018:2019, FedRAMP Moderate, SOC 2 Type II, PCI DSS 3.2.1, WCAG 2.1 AA and Section 508, C5:2020, EU Cloud Code of Conduct, 22.214.171.124 Public DNS Resolver Privacy Examination, and BSI Qualified.
Secure Payment Processing
We leverage the security features provided by our trusted and secure payment processor which is PCI Level 1 Service Provider. We follow the best practices recommended by our payment processing partner including tokenization of payment data and adherence to PCI DSS requirements. We rely on our PCI certified partner to process payments directly from our platform via certified integrations.
Secure Content & User Management
We have taken our content and user security seriously. There are multiple security measures that we take to ensure security and privacy for our users as well as our content.
Periodic Security Risk Testing by our Partner
Our content management software is officially and periodically tested by OWASP community for potential security risks.
Internal Security Audits
Our developers are enforced to follow rigid security standards and recommendations to test, remove, and verify security issues related to unauthorized code injection, broken authentication and session management, XSS attacks, insecure direct object reference, security misconfiguration, sensitive data exposure, missing function level access control, CSRF, known vulnerabilities, unvalidated redirects & forwards, and more security checkpoints.
We conduct regular security audits and vulnerability assessments to identify and address any security gaps or weaknesses. Our security team performs penetration testing to simulate potential attacks and validate the effectiveness of security measures.
Secure Data Handling
Our data entry and request forms on the front-end and back-end are secured from XSS attacks, unauthorized requests, and data is always sanitized prior to storing in the database.
At Digital Setups, we have implemented measures to securely store and handle user data, adhering to data protection regulations and best practices. All the sensitive user information is encrypted, both at rest and in transit.
We have enforced strong password requirements for user accounts, including a combination of alphanumeric characters, special characters, and periodic password updates. We have implemented measures to detect and prevent brute-force attacks.
Additionally, we have also implemented secure user authentication mechanisms, such as multi-factor authentication (MFA), to verify user identities. We have clearly employed appropriate authorization protocols to ensure that users have appropriate access privileges based on their roles.
Employee Security Training and Awareness
We put an effort to educate employees about security best practices, data handling procedures, and the importance of maintaining security standards. With no compromise, we promote a culture of security awareness and provide ongoing training to mitigate risks associated with human error.
Security Standards for Data Tracked via 3rd Parties
We track, collect, and store some data via 3rd parties for advertising, promotions, and analytics. As a part of our own security standards and measures, we ensure that we rely on trusted partners with highes