At Mio, security is a crucial requirement for the delivery of our service. Mio is SOC 2 Type II certified and is committed to keeping your data secure. We understand that your company communications require the highest level of protection.
Here's how we keep our operations secure:
- Security by design: We incorporate security into our products from day one. All projects undertaken by Mio are subject to risk assessment to ensure we don't compromise our underlying policies.
- Organizational security: Our teams understand the importance of keeping your data secure. At Mio, we also enforce industry-standard authentication and authorization methods.
- Protecting your data: We classify data to provide the highest possible security for your online messaging. We'll avoid persistent or temporary storage of your data whenever possible.
- Data encryption: All data transmitted via Mio uses the TLS 1.2 protocol. Sensitive payloads are encrypted using AES-256 or equivalent cyphers.
- Authorizing access: We do not store plain text passwords or other sensitive credentials. Where possible, we ask users to use platform partner authentication systems, and only store encrypted token credentials for users.
- Network security: Public access to Mio is restricted to limited front-end servers with a minimal open ports.
- Internal access: Data access for Mio employees is tiered and restricted by both VPN and IP credentials. We work on the principle of least privilege.
- Software security: Our systems and servers are actively monitored and regularly updated with the latest patches as needed. All new servers are hardened before deployment, and we work regularly with external auditors, who test our systems.
- Legal compliance: We have strict guidelines to follow regarding data privacy and security. Mio commissions dedicated legal professionals to help meet legal requirements too.
- Change control: All application software deployed and built by Mio is subject to version control. Prior to each release, software is tested extensively.
- System monitoring: To improve our level of service, Mio may inspect and log traffic passing over systems. However, administrative access is required to access this information.
To learn more about security at Mio, check out our security white paper.