Security & Compliance

Soundbite™ is a SaaS platform for recording, listening, and distributing text, audio, and video in enterprise communications scenarios. It’s a combination of secure platform (back-end), Client SDK (front-end), and vertical-focused communications applications that deliver intrinsic value to our customers.

Built with
Microsoft Trust

Soundbite™ is built with a decade of enterprise class cloud technology knowledge, an approach emphasising defense-in-depth, and the security backing of Microsoft.

Born in the Cloud

Our “Born-in-the-Cloud” approach is focused on levraging the best-in-breed azure features to deliver scalability and security.

Integrated
Identity

Active Directory (AD) provides authentication, authorization, and group metadata to Soundbite™ via Microsoft Graph.

This means a user’s Microsoft identity is conveniently the same for Soundbite™ as when they are accessing Office 365.

GDPR & Data
Sovereignty

When you on-board with Soundbite™ , you will select compliant regions from Azure’s ever-growing list of locations, including a safe fallback location for Geo-redundancy of their SQL Database.

This ensures you are in control of the jurisdiction for your data.

Single Tenant
Storage

Storage accounts (Table and Blob) and SQL instances are one-per-organization, providing data segregation for each customer.

Data
Encryption

Storage accounts (Table and Blob) and SQL instances are encrypted at rest and in transport.

Connection strings and other keys are stored either securely in the service itself or centralized into Azure Key Vault

PII

This data is handled using best practices, including not storing where possible, anonymizing where possible, encrypting always, and ensuring more than one component of the system must be compromised before the information would be human-readable

Fault Tolerant
& Redundant

SQL databases are geo-redundant with a secondary in another region (except where prevented by data privacy) and support 30-day point-in-time restore with a long-term retention policy for 3 years.

Disaster Recovery

For more information of Microsoft’s approach to security, privacy, compliance, and transparency in their cloud services, please visit the Microsoft Trust Center. For a full list of compliance capabilities in Microsoft Azure that are harnessed by Soundbite, including operations on Government Regions, check out Microsoft Azure Compliance.

While our chosen use of largely managed services and PaaS capabilities means individual hardware failures are abstracted away, it’s still possible for a whole tenant or region to be impacted due to catastrophe. 

In this event, we have the following recourse:

Active Monitoring

Active monitoring on the applications and of Azure itself to immediately alert Soundbite support and DevOps to any disruption of service.

Backup & Retention

Backup, versioning, and retention such that we maintain point-in-time restore for 30 days with long-term retention of 3 years.

Remediation Plan

A detailed remediation plan to diagnosis and recover both tenants and regions based on an understanding of their components and configuration.

Recovery Plan

A detailed recovery plan that, in the event of outage, corruption, or loss, enables restoring tenants or regions from backup.

Restoration & Migration

A process for automation restoration and migration of a tenant instance in the event a tenant is corrupted or lost in a process taking less than 4 hours.

Regional Restoration

A process for automated restoration and migration of all tenants in a region to another operable region in the event an entire virtual datacenter fails to come back online in 24 hours.

Ready to learn more?

Find out how Soundbite™ can help your business.

Fill out form and we will reach out to book a product demonstration with you.

Security & Compliance

Built with
Microsoft Trust