Keamanan
At AhaSlides, our users’ privacy and online security are our top priorities. We’ve taken all the necessary steps to ensure that your data (presentation content, attachments, personal information, participants' response data, et. al) is kept safe at all times.
AhaSlides Pte Ltd, Unique Entity Number: 202009760N, is hereinafter referred to as “we”, “us”, “our” or “AhaSlides”. ”You” shall be interpreted as the person or entity who has signed up for an Account to use our Services or the persons who use our Services as a member of an Audience.
akses Kontrol
All user data stored in AhaSlides is protected in accordance with our obligations in the AhaSlides Katentuan Pangginaan supados langkung Service, and access to such data by Authorised Personnel is based on the principle of least privilege. Only Authorised Personnel have direct access to AhaSlides’ production systems. Those who do have direct access to production systems are only permitted to view user data stored in AhaSlides in the aggregate, for troubleshooting purposes or as otherwise permitted in AhaSlides' Kebijakan Privasi.
AhaSlides maintains a list of Authorised Personnel with access to the production environment. These members undergo criminal background checks and are approved by AhaSlides' Management. AhaSlides also maintain a list of personnel who are permitted to access AhaSlides code, as well as the development and staging environments. These lists are reviewed quarterly and upon role change.
Trained members of the AhaSlides' Customer Success team also have case-specific, limited access to user data stored in AhaSlides through restricted access to customer support tools. Customer support team members are not authorised to review non-public user data stored in AhaSlides for customer support purposes without explicit permission by AhaSlides' Engineering Management.
Sawise ngganti peran utawa ninggalake perusahaan, kredensial produksi Personil Sah dipateni, lan sesi kasebut dipeksa metu. Sawise iku, kabeh akun kasebut dibusak utawa diganti.
Keamanan data
AhaSlides production services, user content, and data backups are hosted on Amazon Web Services platform (“AWS”). The physical servers are located in AWS’s data centres at two AWS regions:
- Wilayah "AS Wétan" ing Virginia Lor, AS.
- Wilayah "EU Central 1" ing Frankfurt, Jerman.
Ing tanggal iki, AWS (i) nduweni sertifikasi kanggo netepi ISO/IEC 27001:2013, 27017:2015 lan 27018:2014, (ii) disertifikasi minangka PCI DSS 3.2 Level 1 Service Provider, lan (iii) ngalami SOC 1, SOC 2 lan SOC 3 audit (kanthi laporan semi-taunan). Rincian tambahan babagan program kepatuhan AWS, kalebu kepatuhan FedRAMP lan kepatuhan GDPR, bisa ditemokake ing Situs web AWS '.
We do not offer customers the option of hosting AhaSlides on a private server, or to otherwise use AhaSlides on a separate infrastructure.
Ing mangsa ngarep, yen kita mindhah layanan produksi lan data pangguna, utawa bagean saka wong-wong mau, menyang negara liya utawa platform maya sing beda, kita bakal menehi kabar tertulis marang kabeh pangguna sing wis mlebu 30 dina sadurunge.
Langkah keamanan dijupuk kanggo nglindhungi lan data sampeyan kanggo data liyane lan data transit.
Data ing liyane
User data is stored on Amazon RDS, where data drives on servers use full disk, industry-standard AES encryption with a unique encryption key for each server. File attachments to AhaSlides presentations are stored in Amazon S3 service. Each such attachment is assigned a unique link with an unguessable, cryptographically strong random component, and are only accessible using a secure HTTPS connection. Additional details on Amazon RDS Security can be found kene. Rincian tambahan babagan Keamanan Amazon S3 bisa ditemokake kene.
Data ing transit
AhaSlides uses industry standard Transport Layer Security (“TLS”) to create a secure connection using 128-bit Advanced Encryption Standard (“AES”) encryption. This includes all data sent between the web (including the landing website, the Presenter web app, the Audience web app, and internal administrative tools) and the AhaSlides server. Ora ana pilihan non-TLS kanggo nyambungake AhaSlides. All connections are made securely over HTTPS.
Serep lan Pencegahan Kerugian Data
Data wis digawe kanthi terus-terusan lan kita duwe sistem failover otomatis yen sistem utama gagal. Kita nampa pangayoman sing kuat lan otomatis liwat panyedhiya database kita ing Amazon RDS. Rincian tambahan babagan Amazon RDS Serep lan mulihake komitmen bisa ditemokake kene.
Pangguna Sandi
We encrypt (hashed and salted) passwords using the PBKDF2 (with SHA512) algorithm to protect them from being harmful in the case of a breach. AhaSlides can never see your password and you can self-reset it by email. User session time-out is implemented meaning that a logged-in user will be automatically logged out if they are not active on the platform.
Rincian Pembayaran
Kita nggunakake pemroses pembayaran PCI-cecek Stripe lan PayPal kanggo encrypting lan Processing kredit / pembayaran kertu debit. Kita ora tau ndeleng utawa nangani informasi kertu kredit/debit.
Keamanan Keamanan
Kita duwe lan bakal njaga langkah-langkah teknis lan organisasi sing cocog kanggo nglindhungi data pribadhi uga data liyane saka karusakan sing ora disengaja utawa ora sah utawa kerugian sing ora disengaja, owah-owahan, pambocoran utawa akses sing ora sah, lan nglawan kabeh bentuk pangolahan sing ora sah (a "Kejadian Keamanan ").
We have an incident management process to detect and handle Security Incidents which shall be reported to the Chief Technology Officer as soon as they are detected. This applies to AhaSlides employees and all processors that handle personal data. All Security Incidents are documented and evaluated internally and an action plan for each individual incident is made, including mitigatory actions.
Jadwal Revisi Keamanan
This section shows how often AhaSlides conducts security revisions and conducts different types of tests.
kegiatan | frekuensi |
Latihan keamanan staf | Ing wiwitan pakaryan |
Mbusak sistem, akses hardware lan dokumen | Ing mburi pagawean |
Mesthekake tingkat akses kanggo kabeh sistem lan karyawan bener lan adhedhasar prinsip paling ora hak istimewa | Sawise setahun |
Mesthekake kabeh perpustakaan sistem kritis paling anyar | Terus-terusan |
Tes unit lan integrasi | Terus-terusan |
Tes seng nembus njaba | Sawise setahun |
Keamanan Fisik
Sawetara bagean kantor kita nuduhake bangunan karo perusahaan liyane. Pramila, kabeh akses menyang kantor kita dikunci 24/7 lan kita mbutuhake karyawan lan para pengunjung wajib mlebu kanthi nggunakake sistem Keamanan Smart Key kanthi kode QR langsung. Kajaba iku, para pengunjung kudu mlebu ing meja ngarep lan mbutuhake pengiring ing saindenging bangunan. CCTV nyakup titik mlebu lan metu 24/7 karo log sing kasedhiya kanggo kita internal.
AhaSlides' production services are hosted on Amazon Web Services platform (“AWS”). The physical servers are located in AWS’ secure data centres as stated in section "Data Security" above.
Owah-owahan
- November 2021: Nganyari bagean "Keamanan Data" kanthi lokasi server tambahan anyar.
- Juni 2020: Nganyarake ing bagean ngisor iki: Keamanan Fisik.
- Mei 2020: Versi kaca pisanan.
Duwe pitakonan kanggo kita?
Ndhaptar. Kirimake kita ing hi@ahaslides.com.