he growth of the digital age is redefining our lives in numerous ways. Technology has made it seamless to connect with people living in any corner of the world. But it also continuously puts forth the question of privacy and data security. Data breaches have become more common than ever globally, leading to increased concerns about privacy.
What is data privacy?
Data privacy is an essential aspect of data protection. It focuses on appropriate data handling and compliance with data safeguarding regulations. Data privacy also deals with how businesses should collect, store, manage, and share data. When it comes to sharing data, there is also a need for compliance with General Data Protection Regulation (GDPR).
Besides the appropriate handling of data, privacy has another crucial element. It is about keeping in mind the public expectations. The laws related to data protection aim at keeping individuals at the centre of attention. People are made aware of how their data gets used, who uses it, and what control do they hold.
A consumer privacy survey in 2019 highlighted that 84% of the participants care about privacy. They are also equally cautious about the privacy of others and want additional hold on how their data gets used.
How does Airmeet care about your data privacy?
In these tough times, Airmeet is privileged to be helping you stay connected with people you care about. Whether you are an educational institution looking to create a virtual classroom or a business looking to conduct a virtual trade show, we are delighted to help you overcome the challenges in these times of increased social distancing.
The number of businesses using Airmeet has increased manifold since March 2020. It has more than surpassed our expectations. We are working continuously on the operational front to ensure you get the most seamless experience during your virtual meetings. At the same time, we are always looking to offer the most secure experience.
We would like to highlight a few essential aspects here.
- Your meeting or the related content does not get monitored by us
- We have never sold your data and will never do that in the future
- The data that we collect is only to provide you with a better user experience
- We comply with all the applicable privacy rules and laws like the GDPR
Airmeet has a trusted global user base of 2750+ customers, and it continues to grow with each passing day. We have a team of expert information security specialists dedicated to protecting the data of our users.
Airmeet believes in the confidentiality of users and data integrity. We have a zero-tolerance policy against data breaches and violations. Here is an overview of our audit and compliance measures.
Audit and Compliance
Airmeet holds an ISO 27001:2013 certification for security standards. To keep improving our information security, we regularly audit our products, processes, and vendors. We have a systematic approach to audit findings and reporting. Our team of information security specialists ensures they identify solutions to the audit findings (if any) and solve them at the earliest.
Airmeet’s enterprise-class data security measures
Here is a detailed overview of our best practices related to data protection, infrastructure and systems availability.
Airmeet uses a virtual private cloud AWS platform to deploy its services. The AWS platform offers excellent security, scalability, and availability of data. There are also strong measures to safeguard all the infrastructure at AWS’s end. No third party or AWS itself can access the data and infrastructure of Airmeet.
The data centers of AWS have an ISO 27001 certification. They are also PCI DSS Service Provider Level 1 and or SOC 1 and 2 compliant.
(Read: Learn more about Compliance at AWS here)
Network and application security
- Dedicated security team: We have an in-house team of experts who deal with all the security-related issues and alerts. Operating 24×7, we take care of all the breaches and security threats in real-time. We have an incident management procedure to take care of all the security breaches at the earliest.
- Vulnerability Assessment and Penetration Testing (VAPT) : We regularly conduct Vulnerability Assessment and Penetration Testing on the network and application through a third-party source.
- Incident and breach management: We have a well-defined incident management process to classify and manage incidents and security breaches. Our information security team monitors, tracks, and resolves incidents on a real-time basis.
- Quality Assurance : We conduct rigorous functionality, performance, stability, and UX tests to ensure we deliver the best user experience.
- Version Control: We manage the version control and versioning centrally for the source code. The access remains restricted to our internal teams based on their specific usage. There is also a record-keeping system for code check-ins and check-outs, and code changes.
DOS and DDOS Mitigation
We make use of Cloudflare and AWS services to block DDOS attacks. Additionally, we also use AWS WAF and Cloudflare CDN to prevent DDOS risks on various services.
Other security measures
To ensure the highest levels of data protection and privacy, we have several other security regulations. These include access control, vendor management, incident management, change management, risk management, and much more.
We never store user passwords in plain text. The passwords get encrypted in two ways. These include encryption at rest and encryption in transit.
- Protocols : We use HTTPS and WSS (SSL/TLS) protocols for all the communications between client and server.
Availability and continuity
- Uptime: We deploy our services in multiple data centers that ensure high availability. There is also the option to scale up the services based on the increased load of users.
- Disaster Recovery: We deploy our services in multiple data centers that ensure high availability. There is also the option to scale up the services based on the increased load of users. We have a formal Disaster Recovery Plan (DRP) and Business Continuity Plan (BCP). It gives us the necessary support during any business interruptions. We maintain the Disaster Recovery protocols by complying with the standards of ISO 27001:2013.
Even if there is any significant outage, we can recover the entire data through backups. Furthermore, we can also move our services to different DC/regions to continue our operations.
To improve our response practices even further, we regularly conduct disaster recovery mock drills. We do the data backup daily, and our systems have a point-in-time recovery model. The multiple data centers help us to keep the system availability high.
Our production environment remains logically separated from other environments. We never use the production data in our test environments.
Information Security Program
We have a database of policies related to information security. We follow it stringently, and there are regular orientation sessions to keep everyone updated with our security program.
Airmeet has always focused on the privacy of its users. We have a culture of transparency and remain committed to being open with our customers. Our team is continuously working to strengthen the Airmeet platform where everyone can have a seamless and secure conferencing experience. We would welcome any feedback you may have regarding our platform.
All our employees need to sign non-disclosure and confidentiality agreements to protect the data and integrity of our customers.
We have a system in place to ensure the security and privacy of all our users. You can connect with us at [email protected] to report any issues.
All our employees go through a background and criminal check before they start working with us.
We used your personal data to service your requests, process payments, communicate with you, promote our services to you, maintain your account with us, and enhance your overall experience on the platform.
We collect your identification, transactional, automated, and account data to provide a better user experience to you.