Upholding privacy and security: How Pexip aligns with the 14 Cloud Security Principles

Pexip and NCSC cloud principle alignment

As workers continue to stay home to reduce the risk of Covid-19, the share of employees working partly remote is exploding. Going forward, it seems the market for video and collaboration is going to have a lasting effect from Covid-19. When asked now, businesses are overwhelmingly moving towards hybrid work models with employees being able to work remote at least some of the time. According to Gartner, 82% of enterprises allow employees to work remotely at least some of the time. The benefits from hybrid work are likely to make a long-term change in our work routines. One thing is the likely need for social distancing for many months, but we also believe that more exposure to the benefits of hybrid work models will be a long-term driver, with increased productivity, work flexibility and contribution to sustainability. 

This increased need for collaboration solutions that help maintain productivity and connectivity has exponentially grown and has also brought a renewed focus on security and data privacy.

Organizations must be able to trust that their communications are secure, now more than ever.

At Pexip we deliver a scalable, high-quality video communication platform designed for large enterprises, healthcare providers, and government agencies. Security and data privacy are paramount to these organizations, and we are committed to upholding a high standard of information security, privacy, and transparency for our customers. 

The Pexip platform is developed by engineers in Norway and the UK following secure development practices, strict information security policies and protocols, and using industry-standard encryption that is activated by default -- not something that needs to be turned on. Pexip’s meeting solutions are available in flexible deployment models designed to meet the unique privacy and security requirements of enterprises and industry.

With the Pexip Service, we're responsible for the operations, network and infrastructure. With the self-hosted solution, our customers maintain control of operating the solution and the network. For ultimate privacy and security, customers may choose to deploy a completely self-hosted platform only accessible from a private network with no connectivity to the internet.

As such, Pexip meets the highest levels of information security and takes ongoing steps to protect the data of its customers, partners and employees in compliance with international standards. This includes standard certifications such as ISO/IEC 27001:2013, data privacy regulations such as the EU’s GDPR (“General Data Protection Regulation”) as well as vertical compliance such as HIPAA for healthcare solutions, and JITC (“The Joint Interoperability Test Command”), a wing of the United States Department of Defense that tests and certifies information technology products for military use. 

No matter how you choose to use the Pexip solution, we are committed to ensuring we are following the best practices for our solution for both the private and public sector. 

As such, we have worked with the UK’s National Cyber Security Centre (NCSC), which has specified 14 Cloud Security Principles (CSPs) to ensure that Pexip is in alignment with their cloud security principles. The NCSC provides a single point of contact for SMEs, larger organizations, government agencies, the general public and departments in the UK, as well as working collaboratively with other law enforcement, defence, the UK’s intelligence and security agencies and international partners. 

This compliance allows our customers to be confident that the use of Pexip’s security-first, enterprise-grade solutions enable an organization to maintain their privacy and security standards.  

You can download the whitepaper that highlights how Pexip adheres to these principles and read more about how we uphold our high standards of information security and privacy on our security page here: https://www.pexip.com/security