In addition to our unwavering commitment to powering Smart Payment Agreements, Paypa Plane implements state-of-the-art encryption protocols and employs experienced cybersecurity experts who continuously monitor and update our systems to safeguard sensitive financial information and data.
By prioritising the protection of our clients' data, we instil confidence and trust, enabling our partners to build long-lasting relationships with their customers.
At Paypa Plane, we prioritise the highest level of information security.
We are proud to be ISO 27001 certified, an internationally recognised standard for information security. Our adherence to this certification demonstrates our ongoing commitment to implement, maintain, and improve an information security management system within our organisation.
Paypa Plane retains SOC2 Type 2 Certification by meeting the Trust Services Criteria for Security.
This certification validates that our system is designed and maintained with robust security measures in place and ensures that our platform operates securely and reliably over an extended period.
Paypa Plane operates in a cloud-based environment in both AWS and Azure, implementing strict mechanisms to ensure resiliency and business continuity.
These platforms provide the highest security standards, which are leveraged by a broad range of industries including banking, government, and security agencies.
All Paypa Plane web application and API communications are encrypted in transit over Transport Layer Security (TLS) v1.2 or later, and all data at rest is encrypted using AES-256 encryption. We rely on Azure Key Vault to securely maintain our cryptographic encryption keys.
We prioritise the security of our operations by ensuring that all Paypa Plane team members undergo comprehensive background checks before commencing employment, emphasising the importance of trust and integrity in our workforce.
We also enforce strict security protocols by requiring our staff to acknowledge our robust security policy and sign a confidentiality agreement, reinforcing our commitment to maintaining the confidentiality of our clients' sensitive information.
To further enhance security measures, we ensure that our employees utilise unique logins for all systems and enforce two-factor authentication for any systems handling restricted information, adding an extra layer of protection against unauthorised access.
We conduct regular user access reviews to closely monitor and manage user permissions, adhering to the principle of least privilege to limit access to sensitive data only to those who require it for their specific roles and responsibilities.
These stringent measures enable us to maintain a robust security posture and safeguard our clients' valuable data effectively.
We take comprehensive measures to ensure the physical and digital security of our operations. As part of our efforts, all employee laptops are managed using Mobile Device Management (MDM) software, which enforces stringent controls such as hard drive encryption and anti-virus software, providing an added layer of protection against potential data breaches.
Our headquarters are equipped with key fob access doors, effectively restricting unauthorised entry. To further bolster security, we maintain a closed-circuit television (CCTV) camera system that continuously monitors and records all entrances and exits, while an alarm system serves as an additional safeguard for our premises.
These physical security measures complement our robust digital security protocols, reinforcing the overall integrity and trustworthiness of our operations.
