Built for Security
Enterprise-grade security is a core tenet of our platform.
The Re:infer platform supports the real-time interpretation of billions of sensitive communications every year. Our clients trust us with some of their most valuable communications. Security is - and always will be - the core tenet behind the design and engineering of our platform.
At Re:infer we take pride in the security of our platform. We are committed to meeting the highest standards of information security to minimise cyber risks, maintain the trust of our users, and safeguard our clients' data. We routinely exceed the requirements of our clients and partners for information protection.
Leading enterprises globally trust Re:infer to analyse and automate their communications
Built on Google Cloud
Our servers are hosted by the Google Cloud Platform (GCP). GCP has comprehensive security accreditation. To ensure high availability, Re:infer is currently deployed across three zones within GCP's europe-west1 region, located in Belgium. Each zone is designed to be independent, with its own power, cooling, networking, and control planes that are isolated from other zones to ensure high availability.
Secure & Compliant
We are ISO 27001:2013 certified for best practice in information security management. We impose strict standards on our data management protocols and audit them annually.
Our platform and engineering culture is built on best-in-class & state of the art technologies adhering to open standards-compliant solutions.
All data stored within our platform (data at rest) is encrypted at the storage level based on standard GCP practices. Data within GCP's Cloud Storage is encrypted using the Advanced Encryption Standard (AES) 256-bit algorithm (AES-256). Data communicated over the Internet (data in flight) is encrypted using Transport Layer Security (TLS) 1.2 or higher.
Identity & Device Management
Our platform ensures that only the right people and approved devices can access your organisation's data, with features such as two-factor authentication (2FA), password security analysis, Single Sign-on (SSO) and single-session logins only.
Our platform has built-in access control. Fine-grained permissions controlled by client administrators lock down what actions users can take in the platform and what they can do with the data.
Platform Monitoring & Auditing
We record audit logs for all user actions in the platform, as well as internal logs for all platform infrastructure, including operating systems, web servers, and back-end processing services. We implement a variety of health checks to monitor the availability and performance of the platform.
We frequently test our platform and procedures through a combination of internal audits and third-party penetration tests, welcoming all our clients to conduct their own tests and audits.
All API requests require authentication and are handled by a dedicated REST API Gateway. However, we can also implement strict IP filtering where users will only be able to log in and access the data from a set of filtered IP addresses controlled by you.
Where is our data stored?
Our servers are hosted by the Google Cloud Platform (GCP). All data is stored in Europe, currently in Belgium. Re:infer is currently deployed across three zones within the Google Cloud Platform europe-west1 region.
Who can access our data?
Data access is completely controlled by you, the client. Our platform has fine-grained permissions that allow you to control who can view and take action on the data stored within our platform.
How often are penetration tests conducted?
Tests are conducted at least annually, should vulnerabilities to identified these are addressed and the platform is retested as soon as possible. We are welcome clients to conducting their own penetration tests as well.
Is our data backed up?
Data is backed up on a daily basis. In terms of durability, our databases are sharded and replicated across three different availability levels. Furthermore, the databases are backed by GCP Persistent Disks (PD), distributed between multiple physical drives within a zone.
Is our data encrypted at rest?
All data stored within our platform (data at rest) is encrypted at the storage level based on standard GCP practices. Data within GCP's Cloud Storage is encrypted using the Advanced Encryption Standard (AES) 256-bit algorithm (AES-256). In GCP, AES is used in Galois Counter Mode (GCM) in almost all cases.
Is our data encrypted in transit?
Data communicated over the Internet (data in flight) is encrypted using Transport Layer Security (TLS) 1.2 or higher, including ephemeral Elliptic-Curve Diffie-Hellman (ECDHE) key exchange and AES-GCM for symmetric encryption whenever supported by the client software.
How can I get data in and out of the platform securely to use in downstream systems and applications?
Re:infer provides a standards-based, open, and documented TLS/HTTP REST API as the primary data-transfer mechanism, allowing safeguarded integrations to be built easily by clients or third parties. All API requests are authenticated and routed through a REST API Gateway. We also have pre-built data integrations to existing systems.
Does Re:infer have customer support models in place?
Yes, we have a dedicated customer success and support team in place. We aim to deal with any issues or questions raised in a clear and timely manner, ensuring responses and resolutions are in accordance with the severity level of the request. Additionally, we also have a well-documented and swift incident management procedure to mitigate any damage caused.