Splashtop Security Practices
Our Cloud infrastructure is hosted on Amazon Web Services (AWS) which provides a secure network and computing environment, including but not limited to firewalls at network, application and instance layer, data encryption, DDoS mitigation etc. Splashtop has achieved SOC 2 Type 2 Certification as well as SOC 3.
We have intrusion detection and defense mechanisms for our production environment running 24×7. We have adopted industry best practices when building our Cloud application stacks to ensure security is enforced and instances are fortified. We constantly scan our remote access and remote support products to ensure their integrity. Splashtop works with top-notch firms to conduct security audits regularly. We also use multiple security firms to conduct penetration testing for all our systems.
On endpoint devices, we have multiple levels of security protection, including mandatory device authentication and optional two-factor-authentication and security code. All remote sessions are protected with TLS (including TLS 1.2) and 256-bit AES encryption.
Authorization and Auditing
Splashtop is designed with strong authentication requirements, to ensure users are who they say they are. There is also a robust set of authorization controls, to finely tune the rights and access permissions of authenticated users. Authorization can make use of the organization’s SSO (single sign-on) and SCIM (System for Cross-domain Identity Management) capabilities. Finally, comprehensive logging is in place, to enable monitoring and auditing.
Security Is Our Priority
We at Splashtop take security seriously, which is why we make big investments to continually improve our infrastructure and security measures. Plus, we’ve assembled the world’s leading experts in cybersecurity and compliance to form our Security Advisor Council to help guide us toward our rigorous security and compliance goals.
Splashtop Technical and Organizational Measures
The Technical and Organizational Measures (TOMs) describe the security measures and controls implemented and maintained by Splashtop to protect and secure the personal data we store and process. Read Splashtop’s Technical and Organizational Measures.
Note for European Union (EU) Users
Splashtop maintains two sets of cloud infrastructure, one for EU users and one for non-EU users. Each set contains its own API servers, relay servers, web servers, and database. User data is not shared between the two sets of infrastructure. By default, EU users are directed to create their accounts and maintain their user data in the EU-based cloud infrastructure. Such separation enables users to comply with the data sovereignty requirements they may have.
MSP and IT Security Feed
Did you know that Splashtop hosts a security feed for MSPs and IT professionals to stay up to date with the latest cybersecurity news and vulnerability alerts related to OS, browsers, VPN and RDP? Check it out now and subscribe to receive email alerts so you can protect your business and your clients with security news as it comes.