Outbound 的安全保障

At outbound, your trust is our top priority. Handling sensitive information is at the core of what we do, and we are committed to protecting your data through rigorous security measures, industry-leading best practices, and compliance with globally recognized privacy standards. We design our protocols with respect to Singapore's 个人数据保护法（PDPA）, ensuring data is processed responsibly and transparently.

数据安全

• 静态与传输加密: All data is protected using advanced encryption technologies. Communications are secured with TLS 1.2+, and stored data is encrypted to safeguard against unauthorized access.
• 支付安全: We utilize Stripe, a PCI DSS Level 1 certified provider, to handle all payment transactions securely, ensuring sensitive payment details remain encrypted and protected.
• DigitalOcean 安全: Our platform benefits from DigitalOcean, providing 防火墙, anti-DDoS protection, and enhanced performance to keep your data secure.

应用程序安全

• 定期更新: We implement regular patches and updates to address emerging vulnerabilities, ensuring our platform stays secure.
• 严格测试: Each software release undergoes thorough testing, including automated scans and manual reviews, to detect and address security issues proactively.
• 访问控制: Role-based access control ensures that only authorized personnel can access sensitive data, minimizing risks of misuse.

基础设施安全

• 物理安全: Secure data centers with access controls (biometrics, proximity cards) and 24/7 monitoring for physical security breaches.
• 网络安全:
• 每年至少对网络设备的基线配置进行一次更新， 或在发生重大变更时及时更新。
• 在配置基础设施组件时， 采用最小权限原则。
• 在设备与数据中心之间，以及数据中心内部， 使用 TLS 等行业标准传输协议。
• 采用纵深防御策略，实现边界保护。
• 制定、实施并持续评估相关流程、规范及 纵深防御技术，以保护系统安全、及时检测 并快速响应基于网络的攻击。
• 服务器:
• 采用生物识别、近距离感应卡及/或 PIN 读卡器系统， 严格限制数据中心的访问权限。
• 对基础设施实施监控机制，实时检查服务器 性能、数据流量及负载容量。
• 部署工具实时检测并处理主机异常， 并在必要时自动重建主机。
• 第三方在销毁实体生产资产后， 须提供相应的销毁证明。
• 完善的逻辑访问策略与操作规程文档。

隐私与合规

We design our data handling protocols with respect to Singapore's PDPA, aiming to process your data responsibly and transparently. Our policies prioritize user control, allowing you to request data erasure or access as needed.

内置产品安全

• 基于角色的权限管理: Custom permissions ensure users access only what they need, enhancing security and minimizing risk.
• 安全登录选项: We offer advanced login features, including Single Sign-On (SSO) and multi-factor authentication, for a seamless and secure user experience.
• 审计日志: Detailed activity logs provide visibility into system events, allowing swift detection and resolution of any issues.

持续监控

• 主动监控: Our systems are equipped to monitor for unusual activity in real time, with alerts to address potential threats promptly.
• 事件响应: A robust response plan ensures quick containment, investigation, and resolution of any security incidents, minimizing impact on your data.

合作伙伴

At outbound, we partner with trusted providers like Auth0, DigitalOcean, DreamHost, and Stripe, incorporating their security best practices into our operations. These measures, combined with our commitment to respecting privacy laws and adhering to stringent security protocols, ensure your sensitive information is handled with care and integrity.