Security
Reliable and safe operation of your business phone system. Your data and VoIP services are safe with us. All Order Assist data is stored in modern safe data centers with 24/7 monitoring.
Security and compliance are top priorities for Order Assist. We provide a product that complies with the highest security standards to keep your communication and data safe. Our security team constantly monitors potential security threats and proposes relevant security patches. So, you can rest assured that your data is always safe with us.
We know that contacts and call logs are valuable for you, so we never disclose such information to third parties under any circumstances and protect them as if they were our own data.
Compliance with ISO 27001
Order Assist is ISO 27001:2013 certified. Order Assist undergoes regular third-party independent audits regularly and can provide the certificate upon request.
Security practices
Order Assist team follows recommendations established by security standards ISO 27001/27002, PCI/DSS and the OWASP security project. Order Assist is GDPR compliant. All our customers’ data are partitioned to ensure that they cannot be accessed by other clients or unauthorized persons.
Product security
Order Assist app security
Order Assist uses a combination of various security tokens. Communication through our web interface is fully encrypted with the latest TLS version supporting Forward Secrecy.
All data are encrypted during transmissions between the client and the server.
All passwords are encrypted by an advanced one-way algorithm. Passwords are never stored for internal purposes.
All phone calls made through the WebRTC protocol are automatically encrypted, and those made through the SIP protocol can be encrypted by TLS.
Order Assist does not retain information on customer credit cards. All data are directly provided to our payment processor and our company does not even have access to such information (data is encrypted from the moment the transmission starts).
Permissions
Order Assist enhances internal data security by using different permissions for user roles (admin, user, etc.) which allows you to prevent potential internal security breaches and data leaks.
SSO
Order Assist offers your existing identity provider/SSO solution to be connected. The supported solution is Google SSO.
Penetration testing
Order Assist undergoes regular penetration testing conducted by an independent, 3rd-party security company. Penetration testing is performed no less often than annually. No customer data is exposed to the security company through penetration testing. Outcomes of penetration testing are used to set mitigation and remediation priorities.
Encryption
All data sent to or from Order Assist is encrypted in transit using 256 bit encryption. Our API and application endpoints are TLS/SSL only and score an “A+” rating on Qualys SSL Labs‘ tests. This means we only use strong cipher suites and have features such as HSTS and Perfect Forward Secrecy fully enabled.
High availability
Every part of the Order Assist uses properly-provisioned, redundant servers (e.g., redundant voice infrastructure, multiple load balancers, web servers, replica databases) in the case of failure. As part of regular maintenance, servers are taken out of operation without impacting availability.
Security team
Order Assist’s infrastructure is constantly monitored and in the event of any threats, our security team is ready to step in 24 hours a day.