Pexip uses industry-standard encryption and security protocols to control access and to prevent unwanted audiences from listening in.

To provide information security in areas that encryption cannot address, Pexip has been developed from the ground up within the constraints of a Defense-in-Depth cybersecurity architecture. Our cyber architecture focuses on applying a holistic approach to security and is designed to address all aspects of the threat model, including application, network, and operational security elements.

Pexip has a very sophisticated Software Development Life Cycle (SDLC), because we know that as an application, we are going to be constantly rolling out new features, new capabilities, and patching and fixing things. We have a solid internal culture built on strong privacy and security practices. Our security practises focus on the organisation as a whole; from organisational security procedures, to our people hiring policies and employee security policies, to where and how our products are developed. 

Pexip is committed to upholding high standards of information security, privacy and transparency for its customers, partners and employees.

We do our utmost to make sure your data is private, protected, secure, and compliant with all relevant privacy regulations such as General Data Protection Regulation (GDPR)/EU Regulation 2016/679.

Our video collaboration platform strictly follows our ISO 27001 certified information security policies and is continuously tested with technology providers including Microsoft, Google, Cisco, and Poly to ensure high-quality video conferencing between platforms.

Read more about our commitment to Privacy. 

Our Pexip Information Security Management System (ISMS) is developed and maintained according to the ISO/IEC 27001:2013 standard and is independently audited by DNV GL.

What does this mean for you as a customer?

• We have formalized internal information security best practices and implemented the practices from the ISO/IEC 27001:2013 standard. 
  
  
• We have formalized a management review of the information security management system and its performance.
  
  
• Our company meets the requirements of relevant regulatory, contractual, and other legal obligations.
  
  
• We are committed to meeting regulatory compliance with international laws and demonstrate worldwide recognition of excellence by employing an international framework with specific codes of practice.
  
  
• We are committed to proactively testing both our software solution and service to ensure they meet high security standards. We conduct both Static and Dynamic Application Security Testing (SAST/DAST), as well as active penetration testing with a certified auditor.

Whitepaper: Video Conferencing & Zero Trust Security: Why Should You Care?

Learn how Zero Trust (ZT) is shaping the future of data security and how to optimize your ZT environment with Pexip.

Whitepaper: Pexip and the NCSC's Cloud Security Principles

The UK’s National Cyber Security Centre has specified 14 Cloud Security Principles (CSPs) to inform organizations how to configure, implement and operate cloud services in a secure manner. This whitepaper reflects safeguards employed by Pexip in the context of these CSPs.