At Pexip, we offer multiple deployment options from a self-hosted solution, Pexip Infinity, to a private cloud solution called Pexip Private Cloud and a cloud service, the Pexip Service giving you the flexibility to choose what to do with your video conferencing data and how you want to manage it.

Security
Security is paramount to us. Everything we do is built around providing a secure video platform for our customers.

Data Privacy & Control
Your data is always your own. We do not sell or share your data with any third parties.

Compliance
Pexip’s platform is designed to meet the strictest U.S. Federal & European requirements.
Security at the highest level
Our approach to a secure video platform adheres to the strictest security standards established by such risk management frameworks as GDPR, NIST SP 800-37, ISO 27001, and PCI DSS, and enables HIPAA compliance, among others. Compliance and certifications of the Pexip solution include:

Unified Capabilities Approved Product List (UC APL)
Defense Information Systems Agency (DISA)

FIPS 140 Level 2 Validated
Federal Information Processing Standard (FIPS) Publication 140-2 compliance

Enables HIPAA Compliancy
Enabling Health Insurance Portability and Accountability Act (HIPAA) compliance
CSA STAR Level One
CSA STAR Registry

ISO 27001 Certified Company
ISO/IEC 27001:2013 certification

CSPN Certification
French National Agency for Information Technology Security (ANSSI)

Spanish CCN (Centro Criptologico Nacional)
Public agency to ensure security of ICT systems, particularly in the public sector
Security
More than just encryption
Pexip uses industry-standard encryption and security protocols to control access and to prevent unwanted audiences from listening in.
To provide information security in areas that encryption cannot address, Pexip has been developed from the ground up within the constraints of a Defense-in-Depth cybersecurity architecture. Our cyber architecture focuses on applying a holistic approach to security and is designed to address all aspects of the threat model, including application, network, and operational security elements.
Pexip has implemented a sophisticated Software Development Life Cycle (SDLC), which enables us to constantly roll out new features, new capabilities, and provide ongoing maintenance and fixes. We have a solid internal culture built on strong privacy and security practices. Our security practises focus on the organisation as a whole; from organisational security procedures, to our people hiring policies and employee security policies, to where and how our products are developed.
Our security features include:
- NIST validated FIPS 140-2 encryption module
- Zero Trust architecture (ZTA) compliant policy stack
- Use of industry-standard protocols, and full regulation compliance
- Data sovereignty and insights
- Customizable workflows and features to ensure compliance with desired level of security
- Deployable in private clouds
Zero Trust Security Architecture
Learn how Zero Trust (ZT) is shaping the future of data security and how to optimize your ZT environment with Pexip.
- What is Zero Trust (ZT)?
- How does Pexip support ZT security?
- Who should consider ZT security?
- How does ZT security protect against hacks?
Data Privacy & Control
Pexip is committed to upholding high standards of information security, privacy and transparency for its customers, partners and employees.
We do our utmost to make sure your data is private, protected, secure, and compliant with all relevant privacy regulations such as General Data Protection Regulation (GDPR)/EU Regulation 2016/679.
Our video collaboration platform strictly follows our ISO 27001 certified information security policies and is continuously tested with technology providers including Microsoft, Google, Cisco, and Poly to ensure high-quality video conferencing between platforms.
Read more about our commitment to Privacy.
Compliance
Our Pexip Information Security Management System (ISMS) is developed and maintained according to the ISO/IEC 27001:2013 standard and is independently audited by DNV.
What does this mean for you as a customer?
- We have formalized internal information security best practices and implemented the practices from the ISO/IEC 27001:2013 standard.
- We have formalized a management review of the information security management system and its performance.
- Our company meets the requirements of relevant regulatory, contractual, and other legal obligations.
- We are committed to meeting regulatory compliance with international laws and demonstrate worldwide recognition of excellence by employing an international framework with specific codes of practice.
- We are committed to proactively testing both our software solution and service to ensure they meet high security standards. We conduct both Static and Dynamic Application Security Testing (SAST/DAST), as well as active penetration testing with a certified auditor.
Security in the Pexip Infinity self-hosted solution
The Pexip Infinity self-hosted solution supports the industry standards for communication encryption for end-user devices, ensuring that communication is secure and kept private even if it crosses the internet.
- API support for customer-developed security policy stack
- Private deployments
- Encrypted communication
- Best practises security measures
- Network and Host IDS
- Your own TLS certificates
Security in the Pexip Service
The Pexip Service leverages the best-in-class industry standards for communication encryption for meetings and end-user devices, ensuring that communication is secure and kept private.
- Dedicated Pexip network
- GDPR compliant
- Continuous service monitoring
Whitepaper: Pexip and the NCSC's Cloud Security Principles
The UK’s National Cyber Security Centre has specified 14 Cloud Security Principles (CSPs) to inform organizations how to configure, implement and operate cloud services in a secure manner. This whitepaper reflects safeguards employed by Pexip in the context of these CSPs.
Security & Privacy Blog | Explore Further

1 December 2022
The 3 most common cybersecurity pitfalls we fail to remember
Our own security guru Ian Mortimer says relying on employee security awareness not enough. Read abou...

28 November 2022
How do secure collaboration tools benefit privacy-conscious organizations?
Organizations in healthcare, government, and finance are undergoing major transformations, and the w...
.jpg?width=560&name=glenn-carstens-peters-npxXWgQ33ZQ-unsplash%20(1).jpg)
23 September 2022
3 ways to ensure business continuity with secure video conferencing
With a global pandemic, supply chain disruptions, climate change, and political conflicts around the...

Key considerations for cybersecurity when using video conferencing
What are the modern threats of cybersecurity breaches, and how can you ensure your video conferencin...

What does it take to secure your most critical video meetings?
Read why the world's most security-conscious organizations, including DISA, NASA, and global financi...

Applying Zero Trust security for secure video conferencing
Interview with Joel Bilheimer, Strategic Account Architect at Pexip and Kevin Davies, Principal Cons...

Data concerns your organization needs to start addressing right now
Find out from our security expert, Joel Bilheimer, what organizations should consider when it comes ...
.jpg?width=560&name=iStock-1299152059%20(2).jpg)
5 questions you should be asking about your video conferencing data
Product expert John Burnett explains five critical questions your organization should be asking abou...

23 March 2021
Encryption in the Pexip Ecosystem
Joel Bilheimer discusses what encryption and end-to-end encryption (E2EE) mean to an enterprise col...

12 September 2020
Key privacy and security considerations when choosing a video conferencing solution
Giles Chamberlin, Pexip's CTO, discusses some key privacy and security considerations to make when c...

28 August 2020
Upholding privacy and security: How Pexip aligns with the 14 Cloud Security Principles
The National Cyber Security Centre (NCSC) has established 14 Cloud Security Principles to help guide...

26 August 2020
The EU-U.S. Privacy Shield Invalidation: Pexip’s Response and Preparedness
Data privacy is paramount for video communications, and Pexip is committed to keeping your data secu...

Breaking Down Video Conferencing Privacy And Security
This is part one of a podcast series with Futurum Research called Navigate. The six-part series aims...

Secure Cloud Video Conferencing: 3 Key Areas to Consider
Remote working has skyrocketed in response to COVID-19, with IT leaders fast-tracking purchases of c...

How to better secure your video meetings
The concern around the spread of Covid-19 (Coronavirus) has accelerated many of the collaboration tr...

Data privacy is paramount for video communications, and Pexip is committed to keeping your data secure
As more workers stay home to reduce the risk of Covid-19 exposure, the need for collaboration soluti...

How Pexip created a telework policy to support its culture of remote work
As a video conferencing company, remote work is in our DNA. In fact, roughly half of our employees w...

How to Plan for a Successful Video Meeting
Whether you're new to video meetings or simply want to get the most from them, there are a few tips ...

Video communications: The natural choice for business continuity in response to Coronavirus
Concern around the spread of Coronavirus has accelerated many of the collaboration trends we already...

Why Security is Imperative for Video Meetings
Have you seen the movie “Snowden”? In the film, the infamous Edward Snowden (contractor for the NSA)...

13 December 2021
Pexip Statement on Log4j Vulnerability
Read Pexip’s statement on Log4j vulnerability from 13 December 2021