Paperplane data is encrypted at rest and in transit for all customers. Data stored on Paperplane's platform, as well as communication between Paperplane servers and our customers, is encrypted via industry best-practice standards (i.e. TLS 1.2+) We store only the minimal amount of data that we need for your use cases.
Paperplane backs up critical system data multiple times per day to prevent data loss or corruption. All Paperplane and customer data is hosted at Tier IV or III+, SSAE-18, PCI DSS, and/or ISO 27001 compliant facilities.
Paperplane is hosted by Amazon Web Services (AWS) on US-based servers. AWS maintains a robust security system managed by World Class Security Experts. Review Amazon’s Security Center for more detailed information. We maintain a current list of third-party sub-processors that can be provided upon request.
Paperplane's compliance centers around risk management and governance best practices, which include network security, system monitoring, access control, human resource vetting and training, and more.
Paperplane conducts continuous network vulnerability testing and contract an independent third-party to conduct penetration testing at least annually. The company engages an independent, third-party auditor to perform an annual SOC2 Type II Attestation.
We use Salesforce’s OAuth to authenticate users, allowing your team to access Paperplane without entering login credentials into our system. We also work with SSO providers, like Okta.