Skip to main content

Security is our top priority

We know that security is important to customers. We take the responsibility to ensure that the 8x8 Communication APIs platform is absolutely secure, private and reliable, so customers can have a peace of mind.

Woman using device with secure APIs
Woman using device with secure APIs

Compliance Programs

At 8x8, we take the lead in the cloud-based communications industry for security across a company’s entire enterprise.

  • 8x8 cybersecurity controls are designed sufficiently and operated effectively throughout the testing periods.
    • 8x8 is HIPAA compliant and provides Business Associate Agreements for Covered Entities and Business Associates.
    • 8x8 is one of the first companies to be awarded by the Cyber Security Agency of Singapore, for good cybersecurity practices
    • 8x8’s information security management system is globally certified as compliant with the requirements of ISO 27001: 2013.
    Federal Information Security Management Act (FISMA) compliant logo
    Logo for American Institute of CPAs SOC
    Logo for PCI-DSS-compliance
    Logo for HIPAA compliance
    Cyber Trust Advocate Certified by CyberSafe Singapore logo
    Logo for Alcumus ISOQAR Certification for UKAS management systems
    Federal Information Security Management Act (FISMA) compliant logo
    Logo for American Institute of CPAs SOC
    Logo for PCI-DSS-compliance
    Logo for HIPAA compliance
    Cyber Trust Advocate Certified by CyberSafe Singapore logo
    Logo for Alcumus ISOQAR Certification for UKAS management systems
    Federal Information Security Management Act (FISMA) compliant logo
    Logo for American Institute of CPAs SOC
    Logo for PCI-DSS-compliance
    Logo for HIPAA compliance
    Cyber Trust Advocate Certified by CyberSafe Singapore logo
    Logo for Alcumus ISOQAR Certification for UKAS management systems
    Federal Information Security Management Act (FISMA) compliant logo
    Logo for American Institute of CPAs SOC
    Logo for PCI-DSS-compliance
    Logo for HIPAA compliance
    Cyber Trust Advocate Certified by CyberSafe Singapore logo
    Logo for Alcumus ISOQAR Certification for UKAS management systems

    Industry-leading Security and Compliance

    Any enterprise product or service must meet or exceed existing customer security and compliance requirements. Prior to launch, all service offerings go through rigorous software code security stress testing using static and dynamic analysis.

    Industry-leading Security and Compliance

    Any enterprise product or service must meet or exceed existing customer security and compliance requirements. Prior to launch, all service offerings go through rigorous software code security stress testing using static and dynamic analysis.

    Industry-leading Security and Compliance

    Any enterprise product or service must meet or exceed existing customer security and compliance requirements. Prior to launch, all service offerings go through rigorous software code security stress testing using static and dynamic analysis.

    Industry-leading Security and Compliance

    Any enterprise product or service must meet or exceed existing customer security and compliance requirements. Prior to launch, all service offerings go through rigorous software code security stress testing using static and dynamic analysis.

    Hacker-Powered Security

    8x8’s Responsible Disclosure & Bug Bounty Programs

    8x8 runs responsible disclosure and incentivized bounty programs through HackerOne to allow anyone to report vulnerabilities.

    With this National Institute of Standards and Technology best-practice RDP, we have a well-defined process for finding and fixing vulnerabilities—before they could be exploited. We partner with the security’s greatest minds to keep our customer’s and partner’s data safe and secure.

    Programmer assigned to fix bugs looking through a glass window
    Programmer assigned to fix bugs looking through a glass window

    8x8 Communication APIs: Secure by design

    Application Development

    The 8x8 Software Development Life Cycle includes multiple stages of review; starting with an architectural review at the start of new projects, ongoing code checking by both manual peer review, further review by security staff and automated reviews utilizing Static Application Security Testing & Dynamic Application Security Testing tools.

    Developers in an office reviewing code for security issues
    Developers in an office reviewing code for security issues

    Cryptography Measures

    Data is encrypted in-transit and at-rest, utilizing strong encryption technologies, such as the Transport Layer Security (TLS) version 1.2, Short Message Peer-to-Peer (SMPP) protocol via TLS, and the 256-bit AES algorithm in Galois Counter Mode (AES-GCM).

    Data security professionals ina meeting room with highly-reflective windows
    Data security professionals ina meeting room with highly-reflective windows

    Built-in security

    8x8 provides in-product security and data protection for users to securely integrate our solution, including:

    • Two-Factor Authentication
    • Single-Sign-On via SAML
    • Number Lookup API
    • Mobile Verification API
    • Number Masking
    Young woman working on her laptop using 2-factor authentication
    Young woman working on her laptop using 2-factor authentication

    Comprehensive processes that meet the highest security requirements

    The security, availability, and confidentiality requirements for 8x8 Communication APIs platform are managed using a combination of:

    1. Documented policies and procedures
    2. Management oversight
    3. Security-first and privacy-first cultures
    4. Technology implementations using security-by-design principles

    These management practices are implemented in all areas to protect systems, data, and personnel and to ensure compliance with industry best practices and standards.

    IT professional verifying API platform security through a tablet
    IT professional verifying API platform security through a tablet

    8x8 is committed to your security

    From 8x8’s management philosophy to physical, process, employee, product, and infrastructure security as well as business continuity, 8x8 has put security measures in place to ensure your messages are reliably and securely delivered.

    To get started, the 8x8 Developer Hub gives access to step-by-step guides and API references.

    Two co-workers discussing security management
    Two co-workers discussing security management

    Learn more

    Get an in-depth look at 8x8’s security practices with our security whitepaper.

    security_api.png
    security_api.png

    Contact Us

    Any sales or general enquiries?

    Complete the form on the left or email

    cpaas-sales@8x8.com


    Need product help?