A long time ago, we shared a small office building with two companies. Once you got through the glass door to the lobby you were presented with three doors. Our company and one other installed very strong specialist door locks. The third company had good quality locks, but they were just store bought. One night a thief broke the entrance glass door and then spent a considerable amount of time kicking all the doors. The door with the slightly worse locks gave way and they took all their computers.
This is how security works. At CastCircle we invest in better locks and know that the weakest door is the one that will give way.
We understand that people pose the biggest risk to a network compromise. Therefore, we minimize the access that any team member has to data, use Two-factor authentication and ensure that any internal systems are protected from malware.
We use transport-layer encryption (HTTPS) to protect against leakage over shared networks.
Most traffic is routed by Google’s global network, limiting public hops across the internet.
Every server poses a security risk and can be compromised through malware and OS vulnerabilities.
At CastCircle we avoid using servers at all because if you don’t have servers they can’t be compromised. We use Cloud functions, and occasionally containers.
Customer information that is stored is encrypted. Encryption is automatic. Any new data stored in persistent disks are encrypted with AES 256, and each encryption key is itself encrypted with a regularly rotated set of master keys.
CastCircle is built on circles of people, who succeed by working together.
Circles can be inter-disciplinary, geographically diverse and inter-organizational and scale to thousands of people.
You can evaluate the security of our network but need to contact us before you start. Any vulnerabilities that you find may need to be directed towards are providers, like Google. Through their Vulnerability Reward Program.
SBack-end storage and databases are provided by Google and comply with the latest ISO 27001 standards and SOC 1, SOC 2 & SOC 3
Our proprietary video platform uses 100 distributed server with DoS protection. Channel data is encrypted using AES 256, uses dynamic security keys, and is HIPAA compliant
All data in transit is encrypted using SSL