DataPlans.io provides a cloud communications platform for a wide range of customer and business needs. Recognizing the importance of information security, we invest considerable time and effort into ensuring our platform is secure. This page outlines some of the steps we take to protect your account and information. For further questions, please contact your Account Manager or [email protected].
DataPlans.io servers are hosted by Google Cloud Platform and Digital Ocean in data centers in the United States and South East Asia. Google Cloud Platform provides us with hardware, network connectivity and secure physical space relating to our customer data. Google Cloud Platform is compliant with ISO/IEC 27001 and other standards, and security information about their data centers.
We use logical access control to protect our servers from unauthorized system access, allowing only trusted operations personnel to manage our systems. We also make sure to use strong configuration standards to harden our servers, and we keep them up-to-date with the latest security patches.
We support strong cryptography for communication over public networks, so that your DataPlans.io Dashboard password, API secret, and contents of your communications may be protected in transit as set forth below.
Type of communicationSecure protocols usedOther protocols usedBetween customers and DataPlans.io APIsHTTPS, SMPP-over-SSL, SIPS, SMPP-over-IPsecSMPP, SIP, RTPDataPlans.io DashboardHTTPS–
We still support unencrypted protocols on the customer side in response to customer demand, but we strongly encourage customers to use secure protocols. Rest assured, the security of your data is unaffected by the communications protocols used by DataPlans.io’s other customers because of the logical segregation between customer accounts.
In connection with the provision of our services, DataPlans.io has secured direct relationships with telecommunications carriers and similar services providers around the globe. We opt for secured communication with carriers when available.
We have rate limiting in place on API calls and DataPlans.io Dashboard logins to prevent brute force attacks. Password complexity requirements are enforced on API secret and DataPlans.io Dashboard password.
DataPlans.io Dashboard passwords are cryptographically hashed before storing in our database.
The DataPlans.io Dashboard supports 2-factor authentication (2FA using DataPlans.io Verify) when elected for customers who want to add an additional access control. If this is enabled, DataPlans.io Dashboard logins require an additional verification code, which is sent by SMS or automated phone call to the phone registered on your account, to be entered when logging in from an IP address which differs from the one used on the previous successful login.
On request, we can enable restrictions on a DataPlans.io Dashboard account such that it can only be logged into from specified IP addresses.
Accounts are logically segregated from each other, and we use role-based access control within our company for access to systems and information.
DataPlans.io is committed to supplying a highly available platform and we do our best to minimize outages. Through use of a content delivery network, geographically redundant data centers, and redundancy within each data center, we ensure failovers exist at several levels to maximize uptime.
Information about availability and outages can be found on our status page.
We also take regular offsite backups of important data to ensure business continuity.