The security of the service that we provide is central to our team’s mission. This overview describes the major security features of our platform. We are constantly improving the security of our offering.
UserVoice maintains a SOC 2 Type II certification covering the Security, Availability, and Confidentiality of our system. We conduct annual third party penetration tests of the application, internal and external networks. Our application is scanned weekly by a third party system looking for a broad range of known vulnerabilities. We are PCI-DSS certified, and are EU-US and Swiss-US Privacy Shield Certified.
We are happy to provide these reports to current and prospective customers evaluating our security profile. Please email compliance at uservoice.com to request a copy.
Network and Hosting Infrastructure
Our primary hosting provider is the Google Cloud Platform. The flexibility and breath of the platform allows us to scale our system dynamically to handle both normal peaks of traffic and defense against attacks. We also integrate best-of-breed systems to protect our system from malicious intent.
A full list of sub processors that we use is maintained at the bottom of this page. All sub processors are verified to meet the security standards required by us and by our customers.
Our only publicly accessible network entry point is through CloudFlare, who provides CDN, anti-DDOS, and Web Application Firewall services. A DMZ, only accessible through CloudFlare provides another layer of separation of systems that store data from public access. By default, our systems are configured to deny access, and by default, unused services are disabled.
Development and testing environments are separate from production, and production data are not used in development and testing environments.
Data Access and Auditing
A full Information Security Policy governs data access and management practices in every area of our company. Our software development life cycle is subject to a formal Change Control Policy. Every change to the system is captured in an auditable, reversible trail. Review for accuracy, security, and appropriateness of changes to both software and system configuration is required on every change. We use a combination of manual and automatic systems to perform these reviews. Changes are prevented by systems when the change control process is not followed.
Our team undergoes background and reference checks before hire. On hire, teams are trained for security before being granted access to systems, and re-trained at least annually. We minimize the number of people who have access to production data based on requirements of their job role.
All access to our systems are logged and stored centrally and immutably for at least 1 year. Access permissions and appropriateness are periodically reviewed.
Our systems and data are all encrypted at rest (with at least AES-256 bit encryption), all data is encrypted in transport (with at least TLS 1.3 encryption over HTTPS), and individual PII elements are encrypted within database records.
Monitoring and Incident Response
Systems are monitored 24/7 for performance and access anomalies.
Our uptime and all notification of performance incidents are made public at https://status.uservoice.com. We provide transparent post-mortems for every significant incident affecting our performance.
Our response to security incidents is covered by a formal policy. We will notify customers within 48 hours of discovery of an incident, and coordinate research and communication thereafter.
System scans and penetration test results are remediated with high priority governed by policy, and patches to cover newly discovered flaws with the technology we use are monitored and applied according to a policy based on severity. Critical patches and high priority discoveries are handled within hours or days.
We have a near-real-time backup available at a physically separate data center at all time. We also take full backups nightly, encrypt them, and store them with AWS.
A full Disaster Recovery and Business Continuity plan is maintained and tested annually. Our use of container technology enables easier portability across infrastructure hosting providers in case of a very significant outage with our primary hosting provider.
Please refer to our sub-processor list for up-to-date details.