We focus our efforts on creating and maintaining state of the art security measures based on the current market and technology standards. SpinOne’s engineers constantly improve security levels and features of our platform as a vital part of their ongoing activities. Today, SpinOne provides the following security practices to its end users:
SpinOne is an official Amazon Technology Partner. It means we have strong expertise in development, architecture, design, and security for cloud apps.
Spin Technology uses AWS Shared Responsibility Model that provides top-level security of the cloud to its customers which holds the following assurance programs: SOC1, SOC2, SOC3, ISO 9001, ISO 27001, HIPAA, MPAA, FISMA, FERPA, CJIS, CSA, DIACAP, FedRAMP, ITAR, FIPS 140-2, G-Cloud, PCI DSS Level 1.
The architecture of SpinOne is designed not to allow SpinOne employees to access user data. We don’t have employees who can access users’ accounts. This data, quite simply, cannot be accessible at any stage by any third party, including the staff of SpinOne. There are strict rules and access control levels that protect user’s information from unauthorized access.
SpinOne utilizes Amazon Web Services ( AWS cloud infrastructure ) currently the world’s most advanced cloud ecosystem. It provides flexibility, reliability, performance and security in the cloud.
SpinOne encrypts users data in the cloud. It uses the highest level of encryption methods for transferring (“in-transit”), processing (“in use”) and storing (“at-rest”) your data. The same data encryption mechanisms are used in Amazon EC2 and Amazon S3. To protect data security during electronic transmission, users data is encrypted using 256-bit AES algorithms. Using AWS, SpinOne employees utilize token and key-based authentication to access our servers. Amazon EC2 creates a 2048-bit RSA key pair, with private and public keys and a unique identifier for each key pair to help facilitate secure access. Our administrators also utilize a command-line shell interface, Secure Shell (SSH) keys, or sudo to enable additional security and privilege escalation.
SpinOne never requires Google user credentials. We don’t store your passwords on our servers. It cannot access passwords as it uses OAuth 2.0 to access your Google account data, the latest Google API, which allows two-step verification.
We DO NOT provide any kind of information about any account to any organization.