All browser connections and communication is transmitted over HTTPS, ensuring data privacy and integrity. Our servers only support the highest level of encryption 256-bit cipher suites TLS 1.2 or TLS 1.3, protecting against unauthorized disclosure, modification, and replay attacks.
Userback maintains a strict policy for assigning and distributing keys which may access any production or development systems.
We use a third-party, top-tier datacenter that maintains several industry-recognized certifications, including FedRAMP, ISO, SOC, PCI, and more.
Our hosting provider is also compliant with numerous regulations, privacy standards, and frameworks, including HIPAA, HITECH, GLBA, the EU Data Protection Directive, EU-US Privacy Shield, FISMA, and more than 30 others.
All infrastructure used by the Userback product uses industry standard full disk encryption.
All Userback portable computing devices are required to employ full disk encryption regardless of their intended use or the data stored on them.
All staff and contractors go through a vetting process where they are subject to background checks and confidentiality agreements.
We provide an ongoing program of security awareness training designed to keep all members of staff informed and vigilant of security risks. This includes regular assessment of comprehension to measure the program’s effectiveness.
Userback adheres to the Australian Privacy Act 2003, Section 2 of the Information Privacy Act 2009, the Australian Privacy Principles and is compliant with the EU GDPR legislation.