Always encrypted data
Our Customers’ sensitive data is encrypted at every step of the way. We never receive or transmit unencrypted account information. We first encrypt it in the browser then re-encrypt with an even more secure algorithm (GPG RSA 3072-bit) once it reaches our servers. We are using the highest SSL certificate, and our client-server communication is being made through HTTPS only.
Inside our data centers, only a specialized set servers which have our private RSA key are able to read the encrypted blobs. These servers accept no incoming connections of any kind so their instances must be killed and manually redeployed using strict security procedures when any changes are needed. All web connections are sent via 256-bit DigiCert High Assurance EV CA-1 SSL.
Teamed with Amazon Web Services
Spotinst is an official solution provider for Amazon Web Services.
Find us in the AWS Partners Portal.
Secure data centers
Spotinst’s data is stored on Amazon Web Services data centers that have achieved ISO 27001 certification, PCI DSS Level 1 compliance, and SAS70 Type II.
Learn more about Amazon Web Services security.
Strict security and key management procedures
Staff members do not have the ability to decrypt encrypted account data, and we use extensive best practices to keep your sensitive information secure. If you’d like more details about our approach to security, we’d be happy to arrange a call with a member of your team,Contact us.