Security & Privacy

We are committed to security and are strong advocates for user privacy and safety.

 
 
encryption.png

Security best-practices

End-to-end encryption

At the most inner level of encryption within the Glacier platform, messages are encrypted the the Double Ratchet Algorithm. This key management algorithm provides:

  • Symmetric end-to-end encryption

  • Forward Secrecy

  • Independent key renewal

  • Plausible deniability

Glacier calls are encrypted with TLS + SRTP (Secure Real-Time Transport Protocol).

Audits

Glacier apps have been evaluated against the National Information Assurance Partnership (NIAP) protection profile (PP) security criteria by Apcerto, a mobile development and security platform using application vetting technology built around machine learning Bayesian algorithms. Download the Glacier report.

Key Management

Data at rest is encrypted with a unique customer key. The key management service has been validated and certified by PCI DSS Level 1, FedRAMP, and HIPPA-eligible.

 
data_transport2.png

Secure data channels

Each unique customer network is launched with cloud based automation. The data transport layer is encrypted with Transport Layer Security (TLS) 1.2. The Glacier Core app provides additional encryption and anonymity with AES-256 SSL VPN.

Intelligent threat detection and continuous monitoring of customer networks detects potentially compromised services or reconnaissance by attackers.

Glacier does not require or ask for user data such as names, phone numbers, or email addresses. Users are provided a user ID and organization ID. User data and authentication is encrypted at rest and in-transit as well as HIPAA eligible and PCI DSS, SOC, ISO/EIC 27001, ISO/EIC 27017, ISO/EIC 27018, and ISO 9001 compliant.

 
team-secure.jpg

Trusted experts

Our team’s former U.S. Intelligence and military experience give us a unique understanding of the challenges organizations face with mobile security. We’ve spent years using and creating cutting edge technology to tackle some of the nations most unique and complex problems around mobile security.