Security and Infrastructure

Built to secure and support global enterprise

We’ve developed a best-in-class workforce communications platform for some of the largest, most complex organizations in the world.

Security

Certifications

Trusted security with the highest standards

Our industry-leading security, privacy and compliance processes ensure your data is safe and there when you need it. We adhere to industry best practices to protect our customers’ data throughout its life cycle on our platform.

aicpa

SOC 2, Type 2

ccpa logo

California Consumer Privacy Act (CCPA)

eu gdpr

GDPR Compliant

csa logo

Cloud Security Alliance

ISO Logo

ISO 27001:2022 Certified

Customer Trust

Companies that rely on Firstup

Leading brands with some of the world’s largest workforces know they can count on our platform.

amazon customer logo@x
ford customer logo@x
hilton customer logo@x
boeing customer logo@x
dow customer logo@x
pfizer customer logo@x

Product Security

Protect your data

Advanced security settings give you the power and flexibility to control your content while giving the right level of access to those who need it.

Control who has access to what with flexible authentication, including support for single sign-on, email/passwords, usernames or even HRIS file syncs.

Grant the right level of permissions and access to different user groups based on their needs.

Control who can interact with pieces of content or entire content channels. Set privileges for visibility, liking, commenting and sharing based on criteria like role or location.

Get reports on usage, including commenting, sharing, publishing and more, so you know who’s doing what with your data.

security protect

Platform Security

Secure the entire experience

Our cloud-native platform helps guarantee security and resiliency. Our data is hosted on Amazon Web Services, so it’s protected by Amazon’s industry-leading security features.

security features

Platform security features

  • Data encrypted using industry standard AES 256-bit encryption in transit and at rest
  • Mobile-native biometric authentication
  • SAML-based single sign-on
  • End-to-end application vulnerability and penetration tests
  • Adaptive web application firewall and DDOS protection
  • SOC 2 Type 2 Compliant
  • GDPR Compliance: with our obligations as a data processor
  • California Consumer Privacy Act (CCPA)
  • ISO 27001 Certified

Global Availability and Support

Always on, worldwide

security uptime

Unrivaled uptime and data access

  • 99.99% uptime (less than 1.18 minutes of downtime per month)
  • Automated incident response and resolution
  • Available data centers in 42 zones across 16 geographic regions

Broad support for you and your end users

Your architect provides technical support to ensure a successful implementation.

Our customer engineering team provides app update management, API support and integrations support for the long term.

Get end-user support directly from Firstup applications.

security support2

Security and Compliance Team

Guidance from subject matter experts

Our Security and Compliance team includes subject matter experts in US and international cybersecurity law and compliance guidelines, software engineering, secure software development and systems architecture. They ensure the most stringent standards are applied to our cloud-based AWS system and your specific platform. We serve many of the world’s most rigorously regulated business sectors, and our team ensures compliance with these demanding standards.

We enforce strict internal and external data privacy policies and protections to ensure customer data is safe in our environment at all times. Additionally, to ensure that our customers can lawfully transfer personal data to Firstup from outside of the European Economic Area, we provide all required protections through a series of inter-company agreements authorized under EU law.

Confidentiality

Protect your proprietary information

The confidentiality of your data is our top priority. Our platform and apps are designed from the ground up to prevent sensitive information from reaching the wrong people. We also make sure that the right people can access it when it’s most critical to your business—whether the data is at rest or in transit.

Access is restricted to those authorized to view your data, on your terms, in support of your organization’s goals. We use multiple methods and layers of security control implementations, including but not limited to: account security, data encryption, biometrics, two-factor authentication, single sign-on (SSO) capabilities, containerization and tokenization.

Integrity

Keep your data intact

We maintain the consistency, accuracy and trustworthiness of data over its entire life cycle. Data is not changed in transit, and we have controls to ensure that data cannot be altered by unauthorized people. These measures include file permissions and user access controls. Plus, our automated technical controls are in place to detect any changes in data that might occur within the platform. We accurately verify the integrity of your data in real time, as it is uploaded to the platform. Backups and redundancies—including fully complete, roll-over backups and business continuity and disaster recovery options—are available to restore the affected data to its correct state.

Availability

Ensure you reach your people

Each year, we deliver billions of push notifications, emails and pieces of content to employees globally. Using multiple AWS data centers with built-in redundancy, backup and rapid provision/deprovision models, we offer the most resilient and available service in the industry. We guarantee 99.99% uptime with no exceptions. Our auto-scaling platform is rigorously tested to ensure we can accommodate businesses with hundreds, thousands and tens of thousands of employees—which we do daily.

Security Roadmap

We’re always improving your security

The thought leaders, software engineers and infrastructure architects on our Security and Compliance team are always seeking process, procedure and technical improvements. We do this to ensure the confidentiality, integrity and availability of our customers’ data, and also to keep our customers compliant with the industry regulations and guidelines that impact their business decisions. To that end, we are always working to achieve compliance with and/or certifications within multiple compliance frameworks.

To learn how Firstup can support the security needs of your enterprise, contact us anytime