The technical details of Dubber's security measures
At Dubber, we take security very seriously. As a native cloud platform, Dubber have been designed to provide maximum functionality with sophisticated security systems, leveraging cutting edge cloud technologies. Our security practices are developing all the time to ensure that data is protected at every stage of the communication capture process and beyond to storage and analysis. This white paper contains detailed technical information about the following security measures:
Dubber also monitor and log all activity across our platform to maintain real-time updates of its status, including system logging and full audit trails of all activity within Dubber. These measures include alert notifications for when specific events occur or thresholds are exceeded and making use of log aggregation to gather entries from various log files into one place to streamline investigation. Dubber also carries out constant testing, including penetration tests.
All data traffic is encrypted at each stage of the Dubber call recording process, using one of the strongest block ciphers available: 256-bit advanced encryption standard (AES-256). Every protected object is encrypted with a unique encryption key that is then itself encrypted with a regularly rotated master key. Dubber supports a variety of access permissions and team hierarchies to ensure that call data is restricted only to the appropriate users and team members.
Each Dubber region is fully sovereign: data collected and stored is only accessible in that region and data never passes between regions. Dubber operates a multi-tenant platform that is effectively partitioned with granular storage and access to the data isolated for each tenant. Within each geographical region, the Dubber platform is managed across multiple data centres: making use of the inherent nature of cloud infrastructure to enable Dubber to offer unique levels of availability, scalability, and redundancy.
The state of the art data centres that Dubber uses benefit from innovative architectural and engineering approaches. Physical access is strictly controlled and two-factor authentication is required by staff to access the data centre floors.
1 Step 1