SeekBeak is committed to the safe and private storage of all user data. Below you’ll find our policies around data protection and what we’re doing to keep our users safe.
Security for 360 Photo Businesses
Our datacenter is located in one of the most respected datacenter facility providers in the world. The site is staffed 24/7/365 with on-site physical security to protect against unauthorized entry. Security controls provided by our data center facilities includes but is not limited to:
- 24/7 Physical security guard services
- Physical entry restrictions to the property and the facility
- Physical entry restrictions to our co-located datacenter within the facility
- Full CCTV coverage externally and internally for the facility
- Biometric readers with two-factor authentication
- Battery and generator backup
Some of our plans allow for Two-Factor (2FA) authentication. 2FA is an extra layer of security for your account. It ensures that you’re the only person who can access your account, even if someone knows your password. The Two-Factor Authentication feature currently supports the use of most Authenticator apps, including:
- Google Authenticator
- LastPass Authenticator
- Microsoft Authenticator
Although all your uploaded images are unlisted by default, some of our plans also include the ability to password protect Tours and Images, through the usage of our “Groups” feature.
Perfect for sensitive material, client previews or any other usage where you need the image to not be publicly available.
Allowed Referrer Lists
Some of our plans also include the ability to limit access by referrer URLs. This means that the content can only be viewed when embedded inside a defined web page, or when accessed via a link on a defined web page. Public access to the content is denied unless accessed via set Referrer Domains/URLs.
All public data to and from our servers is encrypted in transit using valid TLS (HTTPS) SSL certificates utilizing RSA 4096 bits (SHA256 with RSA). Our servers are fully patched for known vulnerabilities such as Heartbleed, Ticketbleed, Heartbeat etc.
Datacenter Attestations and Certifications
Our datacenter is audited and/or certified by various internationally-recognized attestation and certification compliance standards. Current certifications for our datacenter are SOC 1 Type II, SOC 2 Type III, and SO/IEC 27001:2013.
Payment Data Security
Credit / debit card purchases for SeekBeak services are processed by the third-party vendor Stripe. When our customers provide their credit / debit card information on our website the data is sent to Stripe, no payment data is not stored on our systems.
Systems controlling the network infrastructure and microservice nodes at SeekBeak log to our centralized logging environment to allow for performance and security monitoring.
SeekBeak’s security team utilizes monitoring and analytics capabilities to identify potentially malicious activity within our infrastructure. User and system behaviours are monitored for suspicious activity, and investigations are performed following our incident reporting and response procedures.