Fliplet security systems

Security is a core part of Fliplet’s product and operating procedures. Fliplet works with many large blue-chip clients and consequently we’ve designed our security systems to meet or exceed their requirements.

We’ve worked with very large enterprise companies since 2013. Every year, over 1,500 apps are created with Fliplet, and over 3,500 updates pushed. You can trust we have the experience to deal with your security requirements.

Fliplet enforces quarterly security training for all staff. This training covers privacy and security topics, including device security, acceptable use of systems, how to preventing malware and other attacks, physical security, data privacy, account management, and incident reporting. Additionally, Fliplet has extensive internal policies and procedures that all staff commits to abide by.

We carry out third-party audits on an annual basis as a minimum, and welcome audits from current clients, including penetration testing.

Every software change and update carried out on Fliplet is thoroughly assessed for risks, stored in a version-controlled repository and peer reviewed.

All connections to Fliplet communicate using a secure connection via HTTPS with a 256 bit SHA certificate via SSL cryptographic protocol, and data at rest in Fliplet’s production database is encrypted. For information about the many other ways we secure customer data, contact our sales team.

Fliplet is committed to protecting our clients’ data and assisting them in meeting their data protection regulations. We comply with the European Union General Data Protection Regulation. Under GDPR Fliplet is considered a Data Processor and Fliplet’s clients are typically considered to be Data Controllers. Fliplet meets the security measures set out in the GDPR and will assist its clients with technical and organizational measures, where possible, in meeting their obligations.

Fliplet offers a range of options. For more sensitive data you can withhold it during the app building process and only expose it to the app once the app is deployed on your device (so Fliplet is never exposed to your data and it doesn’t pass through our servers). For speed and non-sensitive data (eg data already in the public domain) you can use our servers and in-built data managers.

Fliplet has an explicit commitment to help customers apply the level of security they need in order to meet their company’s standards, and extensive options to meet them, from distribution via public or enterprise app stores to access protection via authorized lists, domain or email authentication and single-sign-on and beyond.

Fliplet utilizes services provided by its hosting provider to distribute its production operation across at least six separate physical locations. These six locations are within two geographic regions, in order to protect Fliplet’s service from loss of connectivity, power infrastructure and other common location-specific failures. Fliplet also retains a full backup copy of production data on both geographic regions on a separate infrastructure. Full backups are saved as snapshots to this location once per day and transactions are saved continuously and snapshot every 5 minutes.

If you need any further information please don’t hesitate to contact us at hello@fliplet.com