Security, Compliance & Data Protection

Keeping your customer data secure is our top priority at Distro

1

Access controls

Distro’s identity provider enforces 2-factor authentication and automates user provisioning

2

Server security & monitoring

Our server configuration uses well documented security guidelines, all changes to the infrastructure and security events are tracked and logged

3

Secure Infrastructure Provider

Your customer data is hosted in US-based Amazon Web Services facilities that are physically secure with 24/7 surveillance

4

Data encryption in transit & at rest

All Distro customer data is encrypted using TLS and AES-256

5

Data redundancy

Fault tolerant infrastructure and databases that operate in a cluster configuration. Our application tier scales using load balancing technology that dynamically meets usage demand

6

Development process

Distro feature development is built on a documented SDLC process. We’ve set up internal controls to ensure that every product update is peer reviewed and deemed secure before deployment to production

Additional resources

  • Penetration testing
  • Vulnerability scanning
  • Distributed Denial-of-Service mitigation
  • Intrusion detection & prevention systems
  • Security patch management

TCPA Compliance

Distro is not an Automated Telephone Dialing System (ATDS) as it does not have the capacity for random or sequential phone number generation, which meets FCC’s test of human intervention and the Supreme Court’s test of random and sequential number

Key TCPA-compliant functionalities

  • Human intervention for manual dialing & sending of messages, with built-in automation for subscribed or opt-in lists
  • Content timing & discretion control by agents
  • 1-to-1 conversations between sender and recipient

From Our Blog