Safe and secure

Security is paramount to us. We work hard to follow the best practices and are extremely protective of it.

Security at Spike.sh

ISO and FedRAMP data centers

Our data centers provides a standardized approach to security and risk assessment, authorization and continuous monitoring, essential for organizations of all sizes.

HTTPS and HSTS communication

All communications from client to servers and inter-communication of server-to-servers are securely done over secure TLS. We also use HSTS to force browsers into communicating over HTTPS

Limited access to production

A clear process dictates and limits access to our production. A very small set of verified, trusted individuals get access and the rest use simulated environments to fix issues, if need be.

Secure payments processor

Our payments provider, Stripe, has been audited by a PCI-certified auditor and is certified to PCI Service Provider Level 1. This is the most stringent level of certification available in the payments industry.

Backups deleted for privacy

All backups are encrypted and stored at multiple data centers with limited access. As part of privacy, we also delete your data from backups upon request.

Data encryption

All data is ecrypted at rest with AES-256. Sensitive information such as Phone numbers, emails and OAuth tokens are safely encrypted and cannot be transferred in plaintext.