Mindtickle is hosted on a highly secure Amazon Web Service (AWS) cloud infrastructure with best-in-class security processes and comprehensive compliance programs such as Cloud Security Alliance, SOC1, SOC2, ISO 27001, ISO 27017, ISO 27018, PCI DSS, FIPS, GxP, HIPAA and NIST.
Automatic data distribution across multiple availability zones across regions provides replication and scalability across the platform for low latency and accelerated delivery of content; and ensures preparedness towards responding to business continuity events and disasters.
Our infrastructure and platform are guarded with advanced Distributed Denial of Service (DDoS) protection for always-on detection and automatic in-line mitigations that provide protection against all known infrastructure attacks to minimize application downtime and latency.
Extensive security measures are installed for intelligent threat monitoring, ongoing intrusion detection, automated code scanning, periodic vulnerability assessments, and penetration testing, regular privacy reviews, and health monitoring through dashboards and alerting.
Customer information is protected using cryptographic security for data in transit using HTTPS through Transport Layer Security (TLS) protocol to safeguard from eavesdroppers and for data at rest with Advanced Encryption Standard (AES) to protect from unauthorized disclosure.
Stringent security controls are offered to customers to enable secure Single Sign-On (SSO) integration through SAML 2.0, setup account password complexity, configure email domain restrictions for platform access, and granular role-based access control.
Mindtickle platform is designed to ensure privacy by default, allowing protection and control of customer and user personal data through powerful user data management functionalities, log pseudonymization, data subject rights, transparent data breach disclosures, and data retention policy.
