Mio takes the security of customer data extremely seriously and uses appropriate encryption strategies at every stage of its journey over our systems.
When data is in transit between connected platforms, Mio connects to the API using TLS 1.2 or later, typically over HTTPS. Data at rest is encrypted to a minimum industry standard of AES-256. Mio classifies all customer data, and at a minimum all our persistent storage has file storage encryption enabled. For higher classified data, we perform additional encryption at the field level using an HSM-backed AWS KMS service.
End-to-end encryption between platforms via Mio is not currently possible because Mio must be granted access to a plaintext version of the chat message in order to translate it to the target platform. Unless chat platforms themselves choose to adopt a universal messaging format, Mio will require temporary access to the raw underlying message to be able to translate and apply the correct markup for the target.
Messages processed by Mio are never stored in an unencrypted format. Inbound events are immediately encrypted and only decrypted on demand when a transformative action is required. Translation typically occurs in milliseconds and in memory, greatly limiting exposure and potential attack vectors. Once translation and delivery are complete, the original and translated payloads are destroyed.