Security & Privacy
We are committed to security and are strong advocates for user privacy and safety.
At the most inner level of encryption within the Glacier platform, messages are encrypted with OMEMO, leveraging the Double Ratchet Algorithm with AES-256 cipher.
Symmetric end-to-end encryption
Independent key renewal
Glacier calls are encrypted with TLS + SRTP (Secure Real-Time Transport Protocol).
Glacier apps have been evaluated against the National Information Assurance Partnership (NIAP) protection profile (PP) security criteria by Apcerto, a mobile development and security platform using application vetting technology built around machine learning Bayesian algorithms. Download the Glacier report.
The OMEMO protocol has been audited by a third party. Download the OMEMO audit.
Data at rest is encrypted with a unique customer key. The key management service has been validated and certified by PCI DSS Level 1, FedRAMP, and HIPPA-eligible. Read more about compliance and security of KMS.
Secure data channels
Each unique customer network is launched with cloud based automation. The data transport layer is encrypted with Transport Layer Security (TLS) 1.2. The Glacier Core app provides additional encryption and anonymity with AES-256 SSL VPN.
Intelligent threat detection and continuous monitoring of customer networks and services is provided by Amazon’s Guard Duty. This technology is used to detect potentially compromised services or reconnaissance by attackers.
Glacier does not require or ask for user data such as names, phone numbers, or email addresses. Users are provided a user ID and organization ID. User data and authentication is encrypted at rest and in-transit as well as HIPAA eligible and PCI DSS, SOC, ISO/EIC 27001, ISO/EIC 27017, ISO/EIC 27018, and ISO 9001 compliant.
Our team’s former U.S. Intelligence and military experience give us a unique understanding of the challenges organizations face with mobile security. We’ve spent years using and creating cutting edge technology to tackle some of the nations most unique and complex problems around mobile security.