Our Commitment to Security

Last Updated: October 26, 2023
The security of customer data is paramount to our customers’ values and operations. That’s why we’ve made Customer Trust our number 1 value at Salespeak. Salespeak uses enterprise-grade security and regular audits to ensure you’re always protected. We undergo regular penetration testing and security reviews designed to be SOC 2 and ISO 27001 compliant.This commitment to security is ingrained in our culture.

Continuous Security Commitment

Penetration Testing
We perform an independent third-party penetration test at least annually to ensure that the security posture of our services is uncompromised.
Security Awareness Training
Our team members are required to go through employee security awareness training covering industry standard practices and information security topics such as phishing and password management.
Third-Party Audits
Our organization undergoes independent third-party assessments to test our security controls.
Roles and Responsibilities
Roles and responsibilities related to our information security program and the protection of our customer's data are well defined and documented.
Information Security Program
We have an information security program in place that is communicated throughout the organization. Our information security program follows the criteria set forth by ISO 27001 and SOC 2.
Continuous Monitoring
We continuously monitor our security and compliance status to ensure there are no lapses.

Top Security & Privacy Features

We collect personal information that you provide to us, personal information we obtain automatically when you use the Services, and personal information from third-party sources, as described below.

Physical Security

Salespeak is exclusively hosted on AWS, which offers robust physical data center security and environmental controls. Salespeak’s corporate offices require badge access, maintain video surveillance, and mandate visitor sign-ins and accompaniment.

Network Security

Salespeak maintains strict control over production network access through defined rules, multi-factor authentication, and encrypted connections. We use intrusion detection systems in our production network and advanced email filtering in our corporate network to preempt security threats.

Application Security

Salespeak conducts both internal and external product testing. Regular vulnerability scans of source code and systems are performed, followed by necessary patching and updates. Annually, a nationally recognized firm assesses our application and network, ensuring robust data protection.

Training and Awareness

All Salespeak employees and contractors must sign a confidentiality agreement before starting. Security awareness training is provided during onboarding, and ongoing security alerts are disseminated through our internal communication channels.

Backup and Disaster Recovery

Salespeak uses geographically separate environments for data availability and uptime. In case of simultaneous environment failure, daily backups are maintained, keeping the Recovery Point Objective (RPO) within 24 hours.

Data Protection

Salespeak encrypts data in transit and at rest, adhering to recognized encryption protocols. AWS destroys end-of-life disks following NIST 800-88 standards.