Security at the highest level
Unified Capabilities Approved Product List (UC APL)
Defense Information Systems Agency (DISA)
FIPS 140 Level 2 Validated
Federal Information Processing Standard (FIPS) Publication 140-2 compliance
Enables HIPAA Compliancy
Health Insurance Portability and Accountability Act (HIPAA) compliance
CSA STAR Level One
CSA STAR Registry
ISO 27001 Certified Company
ISO/IEC 27001:2013 certification
More than just Encryption
Pexip uses industry-standard encryption and security protocols to control access and to prevent unwanted audiences from listening in.
To provide information security in areas that encryption cannot address, Pexip has been developed from the ground up within the constraints of a Defense-in-Depth cybersecurity architecture. Our cyber architecture focuses on applying a holistic approach to security and is designed to address all aspects of the threat model, including application, network, and operational security elements.
Pexip has a very sophisticated Software Development Life Cycle (SDLC), because we know that as an application, we are going to be constantly rolling out new features, new capabilities, and patching and fixing things. We have a solid internal culture built on strong privacy and security practices. Our security practises focus on the organisation as a whole; from organisational security procedures, to our people hiring policies and employee security policies, to where and how our products are developed.
Our security features include:
- NIST validated FIPS 140-2 encryption module
- Zero Trust architecture (ZTA) compliant policy stack
- Use of industry-standard protocols, and full regulation compliance
- Data sovereignty and insights
- Customizable workflows and features to ensure compliance with desired level of security
- Deployable in private clouds
Zero Trust Security Architecture
Learn how Zero Trust (ZT) is shaping the future of data security and how to optimize your ZT environment with Pexip.
- What is Zero Trust (ZT)?
- How does Pexip support ZT security?
- Who should consider ZT security?
- How does ZT security protect against hacks?
Data Privacy & Control
Pexip is committed to upholding high standards of information security, privacy and transparency for its customers, partners and employees.
We do our utmost to make sure your data is private, protected, secure, and compliant with all relevant privacy regulations such as General Data Protection Regulation (GDPR)/EU Regulation 2016/679.
Our video collaboration platform strictly follows our ISO 27001 certified information security policies and is continuously tested with technology providers including Microsoft, Google, Cisco, and Poly to ensure high-quality video conferencing between platforms.
Read more about our commitment to Privacy.
Our Pexip Information Security Management System (ISMS) is developed and maintained according to the ISO/IEC 27001:2013 standard and is independently audited by DNV GL.
What does this mean for you as a customer?
- We have formalized internal information security best practices and implemented the practices from the ISO/IEC 27001:2103 standard.
- We have formalized a management review of the information security management system and its performance.
- Our company meets the requirements of relevant regulatory, contractual, and other legal obligations.
- We are committed to meeting regulatory compliance with international laws and demonstrate worldwide recognition of excellence by employing an international framework with specific codes of practice.
- We are committed to proactively testing both our software solution and service to ensure they meet high security standards. We conduct both Static and Dynamic Application Security Testing (SAST/DAST), as well as active penetration testing with a certified auditor.
Security in the Pexip Infinity self-hosted solution
The Pexip Infinity self-hosted solution supports the industry standards for communication encryption for end-user devices, ensuring that communication is secure and kept private even if it crosses the internet.
- API support for customer-developed security policy stack
- Private deployments
- Encrypted communication
- Best practises security measures
- Network and Host IDS
- Your own TLS certificates
Security in the Pexip Service
The Pexip Service leverages the best-in-class industry standards for communication encryption for meetings and end-user devices, ensuring that communication is secure and kept private.
- Dedicated Pexip network
- GDPR compliant
- Continuous service monitoring
Whitepaper: Pexip and the NCSC's Cloud Security Principles
The UK’s National Cyber Security Centre has specified 14 Cloud Security Principles (CSPs) to inform organizations how to configure, implement and operate cloud services in a secure manner. This whitepaper reflects safeguards employed by Pexip in the context of these CSPs.
Security & Privacy Blog | Explore Further
12 September 2020
Key privacy and security considerations when choosing a video conferencing solution
Giles Chamberlin, Pexip's CTO, discusses some key privacy and security considerations to make when c...
28 August 2020
Upholding privacy and security: How Pexip aligns with the 14 Cloud Security Principles
The National Cyber Security Centre (NCSC) has established 14 Cloud Security Principles to help guide...
26 August 2020
The EU-U.S. Privacy Shield Invalidation: Pexip’s Response and Preparedness
Data privacy is paramount for video communications, and Pexip is committed to keeping your data secu...
Data privacy is paramount for video communications, and Pexip is committed to keeping your data secure
As more workers stay home to reduce the risk of Covid-19 exposure, the need for collaboration soluti...
Video communications: The natural choice for business continuity in response to Coronavirus
Concern around the spread of Coronavirus has accelerated many of the collaboration trends we already...