Success is built on trust. And trust starts with information. On this page, you can read about the Hero Outbound platform security, and how this complies with all regular standards. We guarantee you, that your data is in safe hands with us!
Hero Outbound is a Saas solution, roughly consisting of a webapplication and a database. Through the webapplication, you may reach the public telephone network in order to get a full-service solution for your contact center. This is achieved via multiple SIP connections with a number of national and international tele providers, connected via telephony routers to our Freeswitch tele servers and to our application via the CTI solution "TeleManager".
Data is physically hosted in Denmark, in the hosting centers of Global Connect (Taastrup) and InterXion (Ballerup). We are working on establishing a second failover site - and third site in total - for our webapplication, which is the AWS data center in Dublin, Ireland.
Production data is hosted in Denmark only, and no data ever leaves the European Union.
The overall architecture and security setup is illustrated below.
HeroBase as a company has close collaboration with a number of providers within security and compliance. This includes IT auditors (auditing, amongst others, implementation of our IT security policy at a regular basis) and security companies like Fort Consult, conducting penetration tests and other vulnerability tests at a regular basis.
The top five-priorities in everything we do, development and operations wise, are: Security, security, performance, performance and performance. We often spend more than twice the time (sorry to say!), it could take to solve a task, because we want to cover every single security- and maluse aspect in the solution design.
This philosophy has led us to having a state-of-the-art platform, where data is protected in all possible ways, and only securely exchanged between our servers and end-users.
Security precautions include, but are not limited to:
- All data protected behind multiple firewalls
- Databases not available via public internet, only via VPN
- All data transfer takes place over HTTPS only
- Fail2ban are in place in front of publicly exposed services
- All network traffic is monitored, logged and analyzed in real-time, alerting relevant personnel if abnormal patterns are detected
- Users authenticate using instance name, username and password
- IP restrictions can easily be applied to your Hero Outbound account, meaning that logins will only be authenticated when they origin from a list of IP addresses specified by you as a customer
- And a lot more.
Upon request, full descriptions of setup, security and policies are available. Reach out to your Hero Outbound Customer Experience Manager for this.
GDPR, ISO27001 and ISAE 3402
All the above is just "the basics", meaning that your data is of course safe with us.
In terms of data privacy policies, including which data is stored (and for how long), the right to be forgotten, the need for logging (and accessing logs) for all possible access to data, we have been preparing and working towards the EU GDPR for more than a year.
Hero Outbound compliance features include (and are not limited to) easily specifiying an interval for auto-deletion of your (safely protected) data stored in our platform; leads can be black-listed to avoid future contact; logs of all interactions with businesses or private individuals are easily searchable and accessible from the frontend; and all actions within our platform - including data exports - are logged.
ISO27001 has been used as our reference framework for years. Currently, we are working with security and compliance specialists Siscon and IT auditors to validate all our work. Formal proofs include (and are not limited to) an ISAE 3402-statement, which we will collect shortly,
As a summary, security and compliance are top-of-mind aspects in our business - from sales and HR to IT development and operations. We'd always like to tell you more - let your Hero Outbound Customer Experience Manager know, what you want to hear about.
Happy (and secure) working!