Integrations
Pricing
Resources

Data security & privacy at Realtair

Our customers are at the heart of everything we do, which is why keeping your data safe and secure is front of mind.

Data security & privacy at Realtair

Our customers are at the heart of everything we do, which is why keeping your data safe and secure is front of mind.

Ensuring what's private, stays private

You can be confident in how we’re handling the data you choose to share with us. 

Icon_Secure-Cloud
Realtair has been built with security in mind, with multiple layers of protection working together to keep you safe
Icon_Protection
Your data is encrypted both when stored (at rest) and when in transit (in-flight), ensuring it’s always defended
Icon_Thinking-about-security-and-privacy
We're committed to your security and privacy from top to bottom, with regular internal training and third-party audits
Icon_Secure-Cloud
Realtair has been built with security in mind, with multiple layers of protection working together to keep you safe
Icon_Protection
Your data is encrypted both when stored (at rest) and when in transit (in-flight), ensuring it’s always defended
Icon_Thinking-about-security-and-privacy
We're committed to your security and privacy from top to bottom, with regular internal training and third-party audits

Security from the inside out

 

Application level security
  • Account passwords are hashed so no employees can view them. This means the only way to fix a lost password is to reset it – please contact support if this is the case for you.

 

Encryption and data integrity
  • We have a full suite of ISO27001 Cyber Security policies, ensuring we’re committed to security from the top.
  • Your data is protected through multiple independent layers of security – or ‘defense in depth’ – ensuring you’re protected even if one layer fails. We use defense in depth throughout our network, system and access controls.
  • Our data is encrypted at rest with AES-256 and encrypted in-flight with 2096bit RSA encryption (TLS 1.2 or Higher).

 

Infrastructure and platform security
  • Our platform and data is hosted on Amazon’s AWS Global Infrastructure. AWS infrastructure is independently audited and certified for SOC 1, 2 and 3. 
  • We use AWS’ multi-AZ architecture to ensure we are resistant to failure, and data is protected across geographies.
  • We employ secure coding techniques based on the OWASP Top Ten, an independent standard for developers and web application security.
  • Our development, testing and production environments are separated. All platform updates are peer reviewed and logged for performance, audit and forensic purposes, before being pushed into production. 
  • Our software is written with security principles in mind to prevent Broken Access, XRF, CSRF, SQL injection and other common attacks.

 

Internal processes and education
  • We follow the principle of least privilege, so no one has access to your data who doesn’t need to.
  • We provide regular cyber security training for all our employees, including training for developers to prevent XRF, CSRF, SQL injection and other common attacks. 
  • We also encourage all employees to actively continuously improve the security of Realtair, no matter where they sit in the organisation.
  • Our staff have confidentiality agreements and ISO 27001-2 policy and procedures that are part of employees’ contracts.

 

Monitoring and testing
  • We constantly monitor security, performance and platform availability 24/7. We get reports in real time so we can react immediately as an issue arises.
  • All actions taken on production consoles are logged. 
  • We conduct regular cyber security and penetration testing through Vertex Cyber Security, an independent CREST certified cyber security expert company. We aim to do this at least annually.

 

Responding to incidents
  • We take all security incidents very seriously and will investigate any potential security threats and issues, resolving them quickly.
  • During a security incident, we follow a cyber security response procedure that includes following industry best practices for disclosure and notification.

Report a security or privacy issue to Realtair

If you’ve discovered a security or privacy issue you believe we should know about, we’d love to hear from you. To let us know of a vulnerability or for any cyber security questions and suggestions, please email us at security@realtair.com.

Contact us

Compliance certifications

 

 

NPC Seal of Registration
Philippines