Security Documentation

Data Encryption in Transit and At Rest

CurrentDesk supports the latest recommended secure cipher suites and protocols to encrypt data in transit. Customer data is encrypted at rest. We work hard to maintain best practices for encryption and disable support for older encryption standards that are no longer considered strong. This is one reason that we drop support for older browsers aggressively.

Data center security

Your data is hosted on both Microsoft Azure and Amazon Web Services (AWS), both global leaders in Infrastructure as a Service (IaaS) and take physical and network security seriously. Their data centers are housed in nondescript facilities. Physical access is strictly controlled both at the perimeter and at building ingress points by professional security staff, video surveillance, intrusion detection systems, and other electronic means. Access to their data center floors requires two-factor authentication a minimum of two times. Both maintain multiple certifications for their data centers, including ISO 27001 compliance, PCI Certification, and SOC reports.

Internal controls

Keeping systems safe is part of our daily life here at CurrentDesk. We have strict internal policies and processes to keep our team and their kit safe, to protect our assets, and to limit access to sensitive systems and infrastructure to key staff on a needs-only basis.

Backup and availability

Our systems automatically replicate your data across multiple locations in real-time to maximize availability. Data is also constantly backed up to ensure we can restore access to your data and the service in the unlikely event that the data replicas in all locations fail at once. Our monitoring alerts us to any trouble and we have staff on-call at all times to quickly resolve unexpected incidents.

Updates and external review

We work promptly to upgrade the service to respond to potential new threats and vulnerabilities as they are discovered.

Payment card data

We maintain PCI-DSS certification for payment collection. We do not store credit cards on our systems.