Security & Privacy at Botcopy
Managing our customer data is more than just a responsibility to be met, it’s something our company is truly passionate about. We believe our customer’s trust is something that must be earned every day. To achieve that, we do more than just follow policies and check boxes, we instill awareness and best practices in our culture so that security and data privacy are top of mind when designing our application, managing our networks, and conducting daily business operations.
Top Security & Privacy Features
Botcopy is exclusively hosted on AWS who provides robust, physical data center security and environmental controls. Botcopy corporate offices all require badge access for entry, maintain video surveillance, and require all visitors to sign in and be accompanied when present.
Botcopy controls access to our production networks through the use of strictly defined rules and requires multi-factor authentication and encrypted connections. We also utilize intrusion detection systems in our production network and advanced email filtering in our corporate network to identify potential security threats.
Botcopy employs both internal and external testing of our product. We regularly scan source code and systems for vulnerabilities and perform necessary patching and updates based on those results. Our NLP is hosted from Dialogflow and we comply with their Oauth in order to host your agent. On an annual basis, we utilize a nationally recognized firm to test our application and network to provide ourselves and our customer's assurance that data is being robustly protected.
Training and Awareness
Botcopy requires all employees and contractors to sign a confidentiality agreement prior to commencement. During the onboarding process, security awareness training is delivered to all new hires and we continually publicize security alerts through our internal communication channels.
Backup and Disaster Recovery
Botcopy utilizes geographically separate environments to ensure data availability and uptime. In the unlikely event of simultaneous failure of both environments, Drift maintains daily backups, meaning that the RPO is no greater than 24 hours.
Botcopy encrypts data in transit and at rest on our servers utilizing recognized encryption protocols. At end-of-life, AWS destroys disks per NIST 800-88 standards.
Botcopy & GDPR