Enterprise Security at Gupshup

Gupshup is committed to maintain data security and privacy program across its various suite of services.

Principles of Information Security

  • Confidentiality

    Confidentiality

    Ensuring disclosure of information only to authorized individuals

  • Integrity

    Integrity

    Maintain the accuracy of the data throughout its lifecycle

  • Availability

    Availability

    Information is available to the authorized individuals at the time they require

Compliance and Frameworks

GDPR Image
ISO Image

Information Security and Privacy Programs

  • Security Compliance

    Our Security Compliance team is dedicated to ensuring the adoption of industry best practices and aligning them to standard control frameworks and regulations. Our internal policies and processes are created and periodically reviewed to ensure alignment with the compliance framework and to provide seamless services.

  • Application Security

    Our services and applications developed to follow secure software development practices. We conduct periodic code analysis based on OWASP vulnerabilities. Application security testing is carried out to eliminate any vulnerabilities before onboarding to production environments.

  • Platform Security

    Physical security of the data centers is controlled and managed by our data-center partners.

    We conduct Periodic Vulnerability assessments and penetration testing to ensure the elimination of any security vulnerabilities in the infrastructure.

  • Data Security

    A high level of availability is maintained with data centers at different locations with periodic business continuity and disaster recovery programs.

    Data at rest and data in transit are encrypted. Continuous logging and monitoring help us to detect and prevent security threats. All access controls are provided role-based.