Security

Voyc.ai security procedures and policies according to industry best practices.

Written by Lethabo Motsoaledi
Updated over a week ago

Summary

Since its creation in 2018, Voyc.ai security procedures and policies have evolved according to industry best practices. We understand that placing sensitive conversations on our web platform can involve security approval, and this document is intended to help you cover basic issues with getting Voyc.ai’s software as a service web application approved in your organisation.

The Basics

Voyc.ai currently runs React, JavaScript, Django and Python with PostgreSQL. We use ReactJS for the front end of the web platform and Django to manage the back end and databases.

We will not use information gathered from you or research participants in any way, except as described when you agreed to provide it.

Furthermore, any other data or information you provide us (including images, email addresses, etc.) will otherwise be held securely. We will never share your information with third parties for marketing purposes, and don’t engage in cross-marketing or link-referral programs with other sites. If you have opted-in, we will send you updates and information on Voyc.ai occasionally, but you can always unsubscribe.

Data in Research Projects

Voyc.ai is a hosted SaaS that allows our customers to create personas and customer journey maps from qualitative interview recordings. Our customers use our service to analyse audio, video, text or images which form part of a customer discovery research project. We have no control over how Voyc.ai customers use the personal data submitted by users to their Voyc.ai platform, except if they violate the Voyc.ai Customer Terms & Conditions, which state that they should only be using Voyc.ai for purposes related to usability or ethnographic research. If you suspect someone has violated these terms, please contact us.

Research participants may have any relationship to our customers, and Voyc.ai only acts as a Data Processor (a company that processes Personally Identifiable Information on behalf of a Data Controller) so that each Voyc.ai Customer acts as a Data Controller (a company that determines the purposes for which and the means by which the Personally Identifiable Information is processed). To process information means to carry out an operation or set of operations on the information, such as collecting, recording, storing, disclosing, or organizing it. Information that Research participants provide to Voyc.ai Customers passes through our service and resides on our servers, in the most secure manner adhering to industry guidelines. That information may be stored and processed in the United States or any other country in which Voyc.ai or its affiliates, subsidiaries or agents maintain facilities. The full list of privacy terms can be found here: voyc.ai/privacy.

Physical Security - AWS

Voyc.ai runs on AWS. Below are the specifications for AWS’ physical data centres.

Secure Design

Site Selection

Prior to choosing a location, AWS performs initial environmental and geographic assessments. Data center locations are carefully selected to mitigate environmental risks, such as flooding, extreme weather, and seismic activity. Our Availability Zones are built to be independent and physically separated from one another.

Redundancy

Data centers are designed to anticipate and tolerate failure while maintaining service levels. In case of failure, automated processes move traffic away from the affected area. Core applications are deployed to an N+1 standard, so that in the event of a data center failure, there is sufficient capacity to enable traffic to be load-balanced to the remaining sites.

Availability

AWS has identified critical system components required to maintain the availability of our system and recover service in the event of outage. Critical system components are backed up across multiple, isolated locations known as Availability Zones. Each Availability Zone is engineered to operate independently with high reliability. Availability Zones are connected to enable you to easily architect applications that automatically fail over between Availability Zones without interruption. Highly resilient systems, and therefore service availability, are a function of the system design. Through the use of Availability Zones and data replication, AWS customers can achieve extremely short recovery time and recovery point objectives, as well as the highest levels of service availability.

Capacity Planning

AWS continuously monitors service usage to deploy infrastructure to support our availability commitments and requirements. AWS maintains a capacity planning model that assesses our infrastructure usage and demands at least monthly. This model supports planning of future demands and includes considerations such as information processing, telecommunications, and audit log storage.

Business Continuity & Disaster Recovery

Business Continuity

The AWS Business Continuity Plan outlines measures to avoid and lessen environmental disruptions. It includes operational details about steps to take before, during, and after an event. The Business Continuity Plan is supported by testing that includes simulations of different scenarios. During and after testing, AWS documents people and process performance, corrective actions, and lessons learned with the aim of continuous improvement.

Pandemic Response

AWS incorporates pandemic response policies and procedures into its disaster recovery planning to prepare to respond rapidly to infectious disease outbreak threats. Mitigation strategies include alternative staffing models to transfer critical processes to out-of-region resources, and activation of a crisis management plan to support critical business operations. Pandemic plans reference international health agencies and regulations, including points of contact for international agencies.

Physical Access

Employee Data Centre Access

AWS provides physical data center access only to approved employees. All employees who need data center access must first apply for access and provide a valid business justification. These requests are granted based on the principle of least privilege, where requests must specify to which layer of the data center the individual needs access, and are time-bound. Requests are reviewed and approved by authorized personnel, and access is revoked after the requested time expires. Once granted admittance, individuals are restricted to areas specified in their permissions.

Third-party Data Centre Access

Third-party access is requested by approved AWS employees, who must apply for third-party access and provide a valid business justification. These requests are granted based on the principle of least privilege, where requests must specify to which layer of the data center the individual needs access, and are time-bound. These requests are approved by authorized personnel, and access is revoked after request time expires. Once granted admittance, individuals are restricted to areas specified in their permissions. Anyone granted visitor badge access must present identification when arriving on site and are signed in and escorted by authorized staff.

Monitoring & Logging

Data Centre Access Review

Access to data centers is regularly reviewed. Access is automatically revoked when an employee’s record is terminated in Amazon’s HR system. In addition, when an employee or contractor’s access expires in accordance with the approved request duration, his or her access is revoked, even if he or she continues to be an employee of Amazon.

Data Centre Access Logs

Physical access to AWS data centers is logged, monitored, and retained. AWS correlates information gained from logical and physical monitoring systems to enhance security on an as-needed basis.

Data Centre Access Monitoring

We monitor our data centers using our global Security Operations Centers, which are responsible for monitoring, triaging, and executing security programs. They provide 24/7 global support by managing and monitoring data center access activities, equipping local teams and other support teams to respond to security incidents by triaging, consulting, analyzing, and dispatching responses.

Surveillance & Detection

CCTV

Physical access points to server rooms are recorded by Closed Circuit Television Camera (CCTV). Images are retained according to legal and compliance requirements.

Data Center Entry Points

Physical access is controlled at building ingress points by professional security staff utilizing surveillance, detection systems, and other electronic means. Authorized staff utilize multi-factor authentication mechanisms to access data centers. Entrances to server rooms are secured with devices that sound alarms to initiate an incident response if the door is forced or held open.

Intrusion Detection

Electronic intrusion detection systems are installed within the data layer to monitor, detect, and automatically alert appropriate personnel of security incidents. Ingress and egress points to server rooms are secured with devices that require each individual to provide multi-factor authentication before granting entry or exit. These devices will sound alarms if the door is forced open without authentication or held open. Door alarming devices are also configured to detect instances where an individual exits or enters a data layer without providing multi-factor authentication. Alarms are immediately dispatched to 24/7 AWS Security Operations Centers for immediate logging, analysis, and response.

Device Management

Asset Management

AWS assets are centrally managed through an inventory management system that stores and tracks owner, location, status, maintenance, and descriptive information for AWS-owned assets. Following procurement, assets are scanned and tracked, and assets undergoing maintenance are checked and monitored for ownership, status, and resolution.

Media Destruction

Media storage devices used to store customer data are classified by AWS as Critical and treated accordingly, as high impact, throughout their life-cycles. AWS has exacting standards on how to install, service, and eventually destroy the devices when they are no longer useful. When a storage device has reached the end of its useful life, AWS decommissions media using techniques detailed in NIST 800-88. Media that stored customer data is not removed from AWS control until it has been securely decommissioned.

Operational Support Systems

Power

Our data center electrical power systems are designed to be fully redundant and maintainable without impact to operations, 24 hours a day. AWS ensures data centers are equipped with back-up power supply to ensure power is available to maintain operations in the event of an electrical failure for critical and essential loads in the facility.

Climate & Temperature

AWS data centers use mechanisms to control climate and maintain an appropriate operating temperature for servers and other hardware to prevent overheating and reduce the possibility of service outages. Personnel and systems monitor and control temperature and humidity at appropriate levels.

Fire Detection & Suppression

AWS data centers are equipped with automatic fire detection and suppression equipment. Fire detection systems utilize smoke detection sensors within networking, mechanical, and infrastructure spaces. These areas are also protected by suppression systems.

Leakage Detection

AWS equips data centers with functionality to detect the presence of water leaks. If water is detected, mechanisms are in place to remove it in order to prevent any additional water damage.

Infrastructure Maintenance

Equipment Maintenance

AWS monitors and performs preventative maintenance of electrical and mechanical equipment to maintain the continued operability of systems within AWS data centers. Equipment maintenance procedures are carried out by qualified persons and completed according to a documented maintenance schedule.

Environment Management

AWS monitors electrical and mechanical systems and equipment to enable immediate identification of issues. This is carried out by utilizing continuous audit tools and information provided through our Building Management and Electrical Monitoring Systems. Preventative maintenance is performed to maintain the continued operability of equipment.

Governance & Risk

Ongoing Data Centre Risk Management

The AWS Security Operations Center performs regular threat and vulnerability reviews of data centers. Ongoing assessment and mitigation of potential vulnerabilities is performed through data center risk assessment activities. This assessment is performed in addition to the enterprise-level risk assessment process used to identify and manage risks presented to the business as a whole. This process also takes regional regulatory and environmental risks into consideration.

Third-Party Security Attestation

Third-party testing of AWS data centers, as documented in our third-party reports, ensures AWS has appropriately implemented security measures aligned to established rules needed to obtain security certifications. Depending on the compliance program and its requirements, external auditors may perform testing of media disposal, review security camera footage, observe entrances and hallways throughout a data center, test electronic access control devices, and examine data center equipment.

Application Security

The application uses encrypted passwords in a PostgreSQL database and does not give anyone access to passwords. There are no shared accounts, and Voyc.ai does not have access to login credentials for any users. We can reset passwords but that’s it.

Automated Security Scans

We currently run several automated security scanning tools, and run reports at least once per quarter, but often more frequently than that, especially if we’re deploying major features.

External Penetration Tests

Once a year, we hire an outside firm to run an official penetration test. Most recently, that was Astra, but we can use another vendor by customer request.

Code Review

Since we’re such a small team, all code is reviewed by pretty much everybody. With three developers there is no chance for any code to make it into the application that is not authorized.

Compliance and Security Standards

We have developed a formal process for ensuring compliance with security standards, and we are obsessed with making sure our servers always have the latest patches applied. Developers are trained in security standards as much as possible, and we retain the services of Securicy to assist with that as well.

GDPR Compliance

Voyc.ai is in full compliance with GDPR. Read more here: https://voyc.ai/gdpr

Data Transmission

Each customer can choose to access Voyc.ai via SSL and use the various features of the platform via SSL. Voyc.ai maintains an updated certificate and can require secure access at a customer’s request.

Information Security Policy

Data Handling & Disposal

We follow industry best practices, along with the automatic data expiration options described under GDPR above.

Development Environment

We use a secure GitHub repository - industry standard.

Security Hardening

With only the SSL-encrypted GitHub repositories, third-party transcription services, and the AWS secure data facility in Ireland, the Voyc.ai system has a very limited set of exposure points. We can offer an additional audit using a service provider of your choice at an additional cost.

Change Management - Git

Voyc.ai uses Git to manage change in the codebase - also industry standard.

Remote Access

The only remote access to Voyc.ai servers is through SSH - each of the three developers has a unique key and access is closely monitored. We do require two-factor authentication mechanisms.

Mobile Device Access

No Voyc.ai employees can gain access to Voyc.ai servers using their mobile device.

Vulnerability Management

We monitor which ports are exposed to outside access, and track any sudden changes.
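The paragraph above describes tracking which ports are exposed and flagging sudden changes. The following is an added example (not Voyc.ai’s own tooling) of how a defender can turn that into a check: it parses two listening-socket snapshots shaped like the output of `ss -ltnH` (both snapshots are constructed for this example), keeps only sockets bound to a wildcard address (which are the ones reachable from off-host, subject to firewall and security-group rules), and reports ports that became exposed since the baseline or stopped listening. The allowlist values are assumptions for illustration.

```python
from typing import Iterable, List, Set, Tuple

# Constructed sample data, in the shape of `ss -ltnH` (LISTEN rows, numeric ports,
# no header). Columns: State Recv-Q Send-Q Local-Address:Port Peer-Address:Port.
BASELINE_SNAPSHOT = """\
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 511 0.0.0.0:443 0.0.0.0:*
LISTEN 0 244 127.0.0.1:5432 0.0.0.0:*
"""

CURRENT_SNAPSHOT = """\
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 511 0.0.0.0:443 0.0.0.0:*
LISTEN 0 244 0.0.0.0:5432 0.0.0.0:*
LISTEN 0 511 127.0.0.1:6379 0.0.0.0:*
LISTEN 0 128 [::]:8000 [::]:*
"""

# Addresses that mean "every interface" for IPv4 and IPv6.
WILDCARD_ADDRS = {"0.0.0.0", "*", "[::]", "::"}

# Assumed allowlist for an internet-facing web host: SSH and HTTPS only.
EXPECTED_EXTERNAL_PORTS = {22, 443}


def parse_listeners(snapshot: str) -> Set[Tuple[str, int]]:
    """Return {(local_address, port)} for every LISTEN row in the snapshot."""
    listeners: Set[Tuple[str, int]] = set()
    for line in snapshot.splitlines():
        parts = line.split()
        if len(parts) < 4 or parts[0] != "LISTEN":
            continue
        # rpartition handles IPv6 literals such as "[::]:8000".
        addr, _, port = parts[3].rpartition(":")
        listeners.add((addr, int(port)))
    return listeners


def externally_exposed(listeners: Iterable[Tuple[str, int]]) -> Set[int]:
    """Ports bound to a wildcard address; loopback-only services are ignored."""
    return {port for addr, port in listeners if addr in WILDCARD_ADDRS}


def diff_exposure(baseline: str, current: str) -> Tuple[List[int], List[int]]:
    """(newly exposed ports, ports that stopped listening) between two snapshots."""
    before = externally_exposed(parse_listeners(baseline))
    after = externally_exposed(parse_listeners(current))
    return sorted(after - before), sorted(before - after)


def unexpected_exposure(snapshot: str, allowlist: Set[int] = EXPECTED_EXTERNAL_PORTS) -> List[int]:
    """Exposed ports that are not on the allowlist, regardless of history."""
    return sorted(externally_exposed(parse_listeners(snapshot)) - allowlist)


if __name__ == "__main__":
    opened, closed = diff_exposure(BASELINE_SNAPSHOT, CURRENT_SNAPSHOT)
    print("newly exposed:", opened)      # PostgreSQL moved from loopback to 0.0.0.0, plus 8000
    print("no longer listening:", closed)
    print("outside allowlist:", unexpected_exposure(CURRENT_SNAPSHOT))
```

Run against periodic snapshots, the “newly exposed” list is the alert condition; the PostgreSQL port moving from 127.0.0.1 to 0.0.0.0 is exactly the kind of sudden change worth paging on. On AWS the host view is only half the picture, so the same diff should be applied to security-group rules as well.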

Employee Access

If an employee is terminated, accounts are immediately removed from all data sources - AWS, Google, GitHub, etc. Device wipes are performed manually.

User Account Administration

Issuing Accounts

There are three types of accounts in the Voyc.ai infrastructure - application accounts available to the public, paid accounts, and administration accounts. Administration accounts are only issued to Voyc.ai employees and require encrypted passwords. The other two account types allow user-selected passwords and are stored with a hash in the PostgreSQL DB. The identity of users must be authenticated before providing them with account and password details.
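The Application Security section and the paragraph above both state that user passwords are stored as a hash in PostgreSQL. As an added illustration (not Voyc.ai’s code), the block below re-implements the storage format Django uses by default, `pbkdf2_sha256$<iterations>$<salt>$<base64 digest>`, so the reader can see what actually sits in the database column and how a login check works without the plaintext ever being stored. Whether Voyc.ai runs Django’s default hasher is an assumption; the iteration count is an example value, and a real Django application would call `django.contrib.auth.hashers.make_password` and `check_password` rather than this code.

```python
import base64
import hashlib
import hmac
import secrets
from typing import Optional

ALGORITHM = "pbkdf2_sha256"
ITERATIONS = 600_000  # example work factor; tune so a check takes tens of ms on your hardware


def hash_password(password: str, salt: Optional[str] = None, iterations: int = ITERATIONS) -> str:
    """Return the string stored in the database. The plaintext is never stored."""
    if salt is None:
        # Per-user random salt (128 bits). token_urlsafe never emits the '$' separator.
        salt = secrets.token_urlsafe(16)
    if "$" in salt:
        raise ValueError("salt must not contain the field separator")
    digest = hashlib.pbkdf2_hmac(
        "sha256", password.encode("utf-8"), salt.encode("ascii"), iterations
    )
    encoded = base64.b64encode(digest).decode("ascii")
    return f"{ALGORITHM}${iterations}${salt}${encoded}"


def verify_password(password: str, stored: str) -> bool:
    """Recompute the hash with the stored salt and work factor, compare in constant time."""
    try:
        algorithm, iterations, salt, _ = stored.split("$", 3)
        iteration_count = int(iterations)
    except ValueError:
        return False  # malformed or unknown record: fail closed
    if algorithm != ALGORITHM:
        return False
    candidate = hash_password(password, salt=salt, iterations=iteration_count)
    # compare_digest avoids leaking how many leading bytes matched via timing.
    return hmac.compare_digest(candidate, stored)


if __name__ == "__main__":
    record = hash_password("correct horse battery staple")
    print("stored value:", record)
    print("login ok:", verify_password("correct horse battery staple", record))
    print("wrong password:", verify_password("Correct horse battery staple", record))
```

Two properties are worth checking against any real deployment: the same password must produce a different stored value for every user (the random salt), and a database dump must therefore contain nothing that can be replayed as a credential, which is what “no one has access to passwords” amounts to in practice.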

Password Changes

We do not send passwords via email but offer unique password reset links - standard industry best practice.
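The sentence above describes offering unique password reset links instead of mailing passwords. The following added example (not Voyc.ai’s implementation) shows the properties that make such a link safe: the token is unguessable, it expires, it can be used only once, and the server stores only a hash of it, so a leaked reset table cannot be turned back into working links. The in-memory store, the 30-minute lifetime and the `app.example.invalid` URL are constructed for the example; time is passed in explicitly so the behaviour is easy to test.

```python
import hashlib
import secrets
from dataclasses import dataclass, field
from typing import Dict, Optional
from urllib.parse import parse_qs, urlparse

RESET_TTL_SECONDS = 30 * 60  # assumed lifetime of a reset link
BASE_URL = "https://app.example.invalid/reset"  # placeholder, not a real Voyc.ai URL


@dataclass
class ResetRecord:
    user_id: int
    expires_at: float  # unix timestamp
    used: bool = False


@dataclass
class ResetStore:
    # Keyed by SHA-256 of the token: the database never holds the usable secret.
    records: Dict[str, ResetRecord] = field(default_factory=dict)


def _fingerprint(token: str) -> str:
    return hashlib.sha256(token.encode("ascii")).hexdigest()


def issue_reset_link(store: ResetStore, user_id: int, now: float, ttl: int = RESET_TTL_SECONDS) -> str:
    """Create a single-use, time-limited link for the given user and return it."""
    token = secrets.token_urlsafe(32)  # 256 bits of randomness, URL-safe
    store.records[_fingerprint(token)] = ResetRecord(user_id=user_id, expires_at=now + ttl)
    return f"{BASE_URL}?token={token}"


def token_from_link(link: str) -> str:
    """Extract the token query parameter, as the reset page would."""
    return parse_qs(urlparse(link).query).get("token", [""])[0]


def redeem_reset_token(store: ResetStore, token: str, now: float) -> Optional[int]:
    """Return the user id if the token is valid, unexpired and unused; otherwise None."""
    record = store.records.get(_fingerprint(token))
    if record is None or record.used or now > record.expires_at:
        return None
    record.used = True  # burn the token before the password change proceeds
    return record.user_id


def revoke_user_tokens(store: ResetStore, user_id: int) -> int:
    """Invalidate every outstanding link for a user, e.g. after a successful reset."""
    count = 0
    for record in store.records.values():
        if record.user_id == user_id and not record.used:
            record.used = True
            count += 1
    return count


if __name__ == "__main__":
    store = ResetStore()
    link = issue_reset_link(store, user_id=42, now=1_700_000_000.0)
    print("emailed link:", link)
    print("first use ->", redeem_reset_token(store, token_from_link(link), now=1_700_000_060.0))
    print("second use ->", redeem_reset_token(store, token_from_link(link), now=1_700_000_061.0))
```

The lookup is by hash, so the store itself is not a credential; marking the record used before the password is actually changed closes the window in which two browser tabs could both redeem the same link.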

Shared Accounts

Use of shared accounts is not allowed, but pursuant to the reality of the internet, we don’t use IP tracking to prevent this practice among our users, since it is unreliable.

API & System Standards

Access to Voyc.ai via a secure token in the API may grant access to certain customer-defined data associated with a given project, but that is entirely up to each customer and their use of the API. For example, if a customer wishes to access our transcriber API, Voyc.ai may pass that data securely. More information on this can be found here: help.voyc.ai

Account Cancellations & Permanent Deletion

For any permanently cancelled Customer account, Voyc.ai will automatically and permanently wipe all customer data from all servers within 24 hours of account deletion, including backup servers and subprocessors. Customer will receive email notification immediately upon deleting their account.

Access Requests

The approval process for handling system or application access requests is that Lethabo, Voyc.ai’s Security Officer, has to approve each one. Accounts are reviewed constantly because there are only three administrators.

Disaster Planning

Physical Facility

Remote backups are performed regularly and stored in a different physical location from the main servers. AWS provides UPS, generators, and sophisticated real-time monitoring.

Data Safety

All company information, design, and code management is stored redundantly across several locations.

Maximum Allowable Recovery Time

In case of a disaster, despite being a small team, we’ll go as fast as we possibly can.

Disaster Simulation and Testing

We never have, but if you are willing to pay for it, we’ll happily simulate and test away. Earthquake, Fire, or Hurricane? We’ll test it.

For any additional information, contact infosec@voyc.ai
