Docs
Your data remains your exclusive property and is accessed infrequently. Chargebee Reveal will never access your data without obtaining your explicit permission, except in cases of genuine security concerns or quality assurance needs.
Rest assured, your data 100% belongs to you and is never subjected to any form of sale. We will never delete any data from your account without first providing you with adequate time to export it.
Reveal places a strong emphasis on data security. Your data is encrypted both during transit, utilizing advanced TLS protocols and 2,048-bit keys, and while at rest, leveraging Amazon's Key Management Service (KMS).
Our commitment to data security extends to the hosting of Chargebee Reveal products in collaboration with the world's leading data center providers. Access to these data centers is rigorously controlled. Our partners hold esteemed certifications such as SOC 2 Type 2 and ISO 27001, and they ensure N+1 redundancy for all power, network, and HVAC services.
We conduct thorough third-party assessments, including network, application, and physical security tests, and audits multiple times each year to bolster our security measures and ensure your data's safety.
At Chargebee Reveal, we prioritize the security of cloud infrastructure to ensure the protection of your data.
Our commitment to data center physical security is unwavering. We ensure that our facilities adhere to rigorous security standards.
Chargebee Reveal primarily relies on AWS data centers, which have earned certifications including ISO 27001, PCI DSS Service Provider Level 1, and SOC 2 compliance for the hosting of Service Data. to quote AWS - Independent reviews of data center physical security is also a part of the ISO 27001, PCI, ITAR, and the FedRAMP compliance programs.
AWS on-site security encompasses an array of protective features, including security personnel, perimeter fencing, security camera feeds, intrusion detection technology, and various other security protocols.
Chargebee Reveal leverages AWS data centers situated in the United States, Europe, India and multiple regions to ensure that the data storage is compliant with the law-of-the-land, especially payments' data. Customers are afforded the flexibility to select the precise location for hosting their Service Data as needed.
At Charegebee Reveal, we maintain a dedicated information security Team that's available around the clock, every day of the year. They are on standby to respond swiftly to security alerts and incidents.
Our network benefits from a robust network-level firewalling system. This system provides a formidable defense against network attacks. We closely monitor and exercise tight control over firewall protections to ensure the security of our network.
In addition to our comprehensive internal scanning and testing procedures, we regularly engage third-party assessments and audits, conducted multiple times each year. This practice enhances our security posture and validates its effectiveness. We effectively have an audit every single day.
To reinforce the security of our network, we rely on essential AWS security services, ongoing audits, and vigilant network IT supervision. These measures allow us to actively monitor and proactively thwart recognized malicious traffic and attacks.
During data transmission, all data sessions are consistently safeguarded through the implementation of advanced TLS protocols and the utilization of 2,048-bit encryption keys.
When it comes to data storage, all databases are securely encrypted while at rest. This encryption is executed using Amazon's Key Management Service (KMS). The same level of encryption is consistently applied to the disks utilized for our production application servers.
Chargebee Reveal conducts third-party assessments and audits multiple every quarter. This means our teams are virtually being audited all-round the year.
Our engineers actively participate in routine secure code training sessions, encompassing OWASP Top 10 security risks, common attack vectors, and Chargebee Reveal's security controls.
Chargebee Reveal has developed an extensive collection of security policies. These policies are shared with and accessible to all employees and contractors who have access to Chargebee Reveal's resources.
All our employees undergo security awareness training, which is administered upon onboarding and repeated annually. Additionally, our engineers receive annual secure code training. Our security team disseminates further security awareness updates through internal messaging, email, and presentations during internal events.
Chargebee Reveal's conducts criminal background checks on all new employees in accordance with local regulations. These checks are also a mandatory requirement from our information security auditors to maintain our licenses.
We maintain a strict separation between testing and staging environments and the production environment. Our development and test environments never incorporate any service data from the production environment.
Was this article helpful?