Layer Helps Companies Create Secure Customer Conversations
There are few things that people value more than their privacy and security. And our communication is one thing we expect to be kept private in most situations, regardless of whether we’re on a phone call, typing emails, or sending mobile messages.
But we’ve all seen the headlines when there’s a major security breach and suddenly emails are being leaked or personal information is compromised.
Now that businesses are embracing consumer messaging platforms, you might have concerns about the security of these mobile communications. That’s why we’re so heavily focused on security and data protection in the Layer Customer Conversation Platform.
We recently achieved full HIPAA compliance, demonstrating our ongoing commitment to powering the next generation of healthcare technology and increasing customer/patient confidence. But our commitment to security goes beyond clients like Accolade in the healthcare industry to financial services and other regulated industries.
The Layer Customer Conversation Platform is built from the ground up with security in mind—and that mindset extends from our company culture to the technology behind the messaging framework.
The Four-Point Commitment to Messaging Security
Regardless of what industry you’re in, Layer is built to securely aggregate communication channels under one messaging roof. There are four points to our security commitment:
- Cloud and Network Infrastructure Security: The Layer Customer Conversation Platform is hosted in Google Cloud Platform data centers. Google Cloud Storage is inherently compliant with a wide array of security frameworks and standards—SSAE16, SOC Framework, ISO 27001, ISO 27017, ISO 27018, and PCI DSS v3.2 to name a few. Not only that, but we focus on defense in depth by hosting Layer in a logically isolated VPC environment and allow access only via encrypted channels.
- Security Compliance: We our recent compliance with HIPAA, but the Layer Customer Conversation Platform is also certified under Privacy Shield to safeguard transatlantic data transfer. In addition to compliance with official regulations, Layer is also flexible enough to meet your own internal security policies and is built with a foundation of industry best practices and regulatory adherence out of the box.
- People Security: At Layer, we’ve worked to instill a security-focused culture for all employees. Each new employee attends Security 101 classes during the on-boarding process and take annual training to keep up with new policies, best practices, and privacy principles. Engineers undergo deeper training, learning about the latest cryptography techniques, attack patterns, and secure coding practices.
- Product Security: None of these security measures would mean anything if Layer wasn’t secure by design. Layer engineers believe in a holistic, architectural approach to security and defense in depth techniques, including federating authentication, internal PKI infrastructure, encryption in motion, encryption at rest, ongoing penetration testing, account credential security, and role-based access control. In addition to these security measures, we host Layer in high availability configurations and ensure business continuity with comprehensive disaster recovery planning.
Brands Shouldn’t Have to Worry About Messaging Security and Privacy
The reason HIPAA compliance is so important to us is that it’s indicative of our fixed focus on enabling organizations to imagine, design, and engage in the perfect conversation with their customers. Not just in healthcare, but in every industry.
You and your customers shouldn’t have to worry about the security and privacy of the ongoing relationship you’re building together. At Layer, we take care of those concerns for you and let you focus on what really matters—delivering a top-notch customer experience.
Mobile messaging is already the universal communication experience. But if you’re still worried about the security of your deployment with Layer, download this free white paper to learn more.