Our corporate culture is built on a strong sense of responsibility to ensure the privacy and security of our customers. This means that we respect the trust that we are given and even invite customers to audit their own data, as well as Pexip’s privacy and security practices. As a vendor, we see ourselves as an extended arm of your company, tasked to deliver a collaboration solution that is both high quality and secure.
All clients have high expectations when it comes to privacy and security, but some have a bit higher than others, such as healthcare, finance, and government, where regulations are typically more stringent. This demands greater choice in solutions, to meet the individual needs of companies. Pexip can be deployed in any way that suits your organization’s technology and infrastructure requirements.
Pexip is committed to upholding high standards of information security, privacy and transparency for its customers, partners and employees.
We offer security-first, enterprise-grade video conferencing solutions using industry-standard encryption and security protocols to maintain privacy and security. Compliance and certifications of the Pexip solution include:
Our Pexip Information Security Management System (ISMS) is developed and maintained according to the ISO/IEC 27001:2013 standard and audited by DNV GL. This means:
Security-first enterprise solutions
The Pexip Infinity self-hosted solution supports the industry standards for communication encryption for end-user devices, ensuring that communication is secure and kept private even if it crosses the internet. Customers can run the entire meeting platform on-premises, in a private cloud of their choice, or using a hybrid between the two, benefitting from the security measures they already have in place as well as those implemented by their cloud provider. Self-hosted solutions also allow customers to ensure they meet any compliance requirements on data storage and privacy. Read more about our encryption methodology for Pexip Infinity self-hosted services.
The Pexip Service leverages the best-in-class industry standards for communication encryption for meetings and end-user devices, ensuring that communication is secure and kept private. The service is operated and managed by Pexip using industry-leading facilities and includes multiple layers of security. These layers range from human and personnel security to compliance with relevant standards such as SOC2, SSAE16, and ISO 27001. Read more about our data and security compliance.
Visit www.pexip.com/security for more information and resources.
The Pexip platform has been rigorously tested and certified
Beyond the application of our own secure development and testing practices, we have contracted with some of the most widely recognized third-party organizations to independently verify that our products conform to the most stringent requirements.
U.S. Department of Defense (DoD) Joint Interoperability Test Command (JITC)
Pexip Infinity is a U.S. Department of Defense (DoD) Joint Interoperability Test Command (JITC) certified product. The Pexip Infinity platform has been rigorously tested against cyber security and interoperability (IO) requirements to ensure the system not only protects the integrity of the networks on which it is installed but will fully interoperate with all other Unified Capabilities (UC) platforms already installed on customer networks.
Federal Information Processing Standard (FIPS) Publication 140-2
Pexip Infinity includes a FIPS 140-2 compliant encryption module. This allows public and private sector customers around the globe to reference a generally accepted process used to secure data within the Pexip Infinity platform.
Health Insurance Portability and Accountability Act (HIPAA)
Use of the Pexip Cloud videoconferencing service in health care applications is fully compliant with the Health Insurance Portability and Accountability Act (HIPAA). HIPAA provides guidance and imposes strict obligations on the collection, storage, use, and disclosure of Protected Health Information (PHI) pertaining to patient medical information. Parties subject to HIPAA compliance requirements must process patient medical data in such a way as to restrict access to authorized persons and protect patient privacy.
Pexip keeps your privacy and protects your data
The Pexip service is developed and operated by highly skilled engineers in Norway, the UK, the US, and Australia and strictly follows our ISO 27001 certified information security policies. We do our utmost to make sure your data is private, protected, secure, and compliant with all relevant privacy regulations such as General Data Protection Regulation (GDPR)/EU Regulation 2016/679.
Pexip’s sole purpose is to provide a secure and reliable conference platform for business to business communication. Pexip does not, and will not, sell personal data to other organizations. We use it only to provide a better service to customers. We do not and will not ever sell or share your data with third parties for commercial reasons. We make every effort possible to keep your information private. Read more about our commitment to privacy.