How we protect the data of our customers and their visitors

On a daily basis, we help over 10,000 offices keep their visitors’ information safe and secure from prying eyes. That’s our job—Envoy Visitors is a security and compliance service.
Mar 14, 2019
Envoy logo
Founder and CEO, Envoy
How we protect the data of our customers and their visitors

In the pursuit of our mission to challenge the status quo of the workplace, we started right at the beginning of that workplace: the front desk. Specifically, the paper log book at the front desk. You know, that binder that has the exact names, emails, phone numbers, sometimes drivers license numbers, and who knows what else from every single visitor that’s ever been inside the building you’re visiting. It’s just out there, open to everyone, to just browse through. It is that systematic mishandling of personal and private information that was a key reason I started this company back in 2013. 

On a daily basis, we help over 10,000 offices keep their visitors’ information safe and secure from prying eyes. That’s our job—Envoy Visitors is a security and compliance service. Yes, we also try to bring a simple, modern, more convenient experience, but at the core of it, privacy and security are paramount. 

It is for this reason we invest a lot in protecting that information. I’d like to share some of the ways we do this:

  1. SOC 2 Type II certification. In 2018, Envoy received its SOC 2 Type II certification. It’s a component of the American Institute of Certified Public Accountants, whose goal is to make sure that systems are set up that assure security, availability, processing integrity, confidentiality, and privacy of customer data. Please reach out to us for our report. 
  2. GDPR compliance. We have spent significant efforts to ensure we are in compliance with the General Data Protection Regulation (GDPR). This European standard is designed to modernize laws that protect the personal information of individuals. It also boosts the rights of individuals and gives them more control over their information. 
  3. Data encryption. Data storage is encrypted at rest using encrypted AWS RDS databases. In transit, we use techniques like certificate pinning and HSTS to ensure all TLS connections are secure. 
  4. Dedicated security team. We’ve invested in specialized talent in data protection so you don’t have to. This comes with a team structure and processes that include weekly cross-functional meetings to evaluate our data protection protocols and adapt to any new circumstances. This specialized team ensures that every feature we build is compliant with the highest security standards. 
  5. Regular third-party audits. We are regularly audited by dozens of enterprise customers on a yearly basis for security vulnerabilities and internal processes and policies. These audits have never revealed any critical issues. Whatever issues do come up, though, we of course address with haste.
  6. Public bounty program. We’ll soon be opening a public-facing vulnerability disclosure and bounty program to systematize our involvement with outside cybersecurity professionals. We want to make it easy for researchers such as IBM X-Force Red to communicate with us about things they discover––even if discovered bugs are write-only or only impact analytics libraries. No potential vulnerability is too small, and we have dedicated staff ensuring fixes are deployed swiftly.
  7. Honest revenue model. We are a business-to-business enterprise software-as-a-service solution. We make revenue by selling subscriptions to the service we offer. We never have and never will sell customer or visitor data. Our customers pay us so we can build and operate the service. It’s a simple, honest system. 

It’s through steps like the above that we’ve maintained a record of never having had visitor data accessible, at all, in any way, to anyone not authorized. We’re incredibly proud of our programs, but we’re always looking to improve. If you’re an engineer looking for a place to learn and help, please consider joining us

The workplace is evolving, and more and more of it is becoming digitized and connected online. Data protection and strong attention to data privacy is and should be a key part of this. Not all online services are equal in how they protect customer data, but here at Envoy I’m proud to say we do our part in investing heavily in it. If you have any questions or want to know more about our programs, please don’t hesitate to contact us: security@envoy.com.

Thank you!

— Larry
Founder and CEO, Envoy

Heading

What’s a Rich Text element?

What’s a Rich Text element?

The rich text element allows you to create and format headings, paragraphs, blockquotes, images, and video all in one place instead of having to add and format them individually. Just double-click and easily create content.

The rich text element allows you to create and format headings, paragraphs, blockquotes, images, and video all in one place instead of having to add and format them individually. Just double-click and easily create content.

Static and dynamic content editing

Static and dynamic content editing

A rich text element can be used with static or dynamic content. For static content, just drop it into any page and begin editing. For dynamic content, add a rich text field to any collection and then connect a rich text element to that field in the settings panel. Voila!

A rich text element can be used with static or dynamic content. For static content, just drop it into any page and begin editing. For dynamic content, add a rich text field to any collection and then connect a rich text element to that field in the settings panel. Voila!

How to customize formatting for each rich text

How to customize formatting for each rich text

Headings, paragraphs, blockquotes, figures, images, and figure captions can all be styled after a class is added to the rich text element using the "When inside of" nested selector system.

Headings, paragraphs, blockquotes, figures, images, and figure captions can all be styled after a class is added to the rich text element using the "When inside of" nested selector system.
Button TextButton Text
AUTHOR BIO
Founder and CEO, Envoy

Larry Gadea, Founder and CEO of Envoy, likes to push himself and others to achieve great things. He is passionate about technology and loves experimenting with the latest and greatest. Ask him about his 3D printer or the home automation system he built from scratch.

Read more

Security is critical for the future of your business. Learn how different types of security are important in the workplace and why you need them.

Learn how to choose a visitor management solution that’s right for you, including the best features to look out for.

A quality workplace has the power to make your organization thrive, if it's managed well. In this post, explore why workplace management is so important and how to get it right for you.

In this post, we’ll explore what workplace compliance is and how to build a compliance culture for your organization.

Managing your space well doesn’t have to be difficult. But to be successful you need the right processes and tools.

With more folks sending personal packages to the workplace, having a sound mailroom management system in place is key.

Demo
Contact