CommPeak’s Security Commitment

Your calls, numbers, messages, and information are safe with CommPeak. On top of basic industry-standard protocols, CommPeak employs various layers of security to ensure your communications are protected.

Multiple Security Levels for Your Data Protection

Leveraging physical, network, application, and data security protocols, CommPeak protects against fraud and infiltration every step of the way. Each of our products also comes with its own extra layer of protection, safeguarding your business or enterprise.

Physical Security

All of our services are hosted on AWS, GCP, Hetzner, LeaseWeb, and more! All of our hosting partners are ISO 27001 compliant, fully protected from fires and natural disasters. Only authorized personnel can gain access. All data parks are under 24/7/365 surveillance and are equipped with diesel power generators.

Network Security

CommPeak provides the following preventive measures to safegaurd your data against even the most sophisticated electronic attacks:

Network firewalls
DDoS prevention
Network posture assessments

Application (API) Security

Firewalls are in place, exposing only the necessary ports.
CommPeak validates all requests.
Data is transmitted to our system using HTTPS.
All data transfers are encrypted by SSL protocols.

International Safety and Security Accreditations

ISO/IEC 27701:2019

CommPeak is pleased to announce that it has successfully obtained the International Organization for Standardization (ISO) certification for ISO/IEC 27701:2019 in February 2022. ISO/IEC 27701:2019 specifies a set of requirements and provides guidance for establishing, implementing, maintaining, and continually improving a Privacy Information Management System (PIMS) in the form of an extension to ISO/IEC 27001 for privacy management within the context of the organization. To view our certificate: CLICK HERE.

ISO/IEC 27001:2013

As a part of the ongoing commitment to data protection and security practices, CommPeak attained the ISO 27001:2013 in February 2021 and successfully completed the renewal process in February 2022. ISO/IEC 27001:2013 specifies the requirements for establishing, implementing, maintaining, and continually improving an information security management system within an organization. It also includes requirements for the assessment and treatment of information security risks. To view our certificate: CLICK HERE.

PCI DSS

CommPeak utilizes WorldPay and PayPal to accept customer payments. Both financial services companies are certified PCI Level 1 Service Providers, the most stringent security certificate available in the payments industry. CommPeak does not store or process any of our customers’ payment information. The Payment Card Industry Data Security Standard (PCI DSS) is an information security standard for organizations that handle branded credit cards and was created to increase controls around cardholder data to reduce fraud.

Payment Security

CommPeak utilizes WorldPay and PayPal to accept customer payments. Both companies are certified PCI Level 1 Service Providers, the most stringent security certificate in the payments industry. We don’t store or process any of our customers’ payment information.

Single Sign-On

Our enterprise-ready single sign-on (SSO) process empowers you with centralized control over your communication operations. The single authentication point enforces better password policies, limits phishing potential, and lowers the threat of data breaches.

Product Custom IPs

Report a Vulnerability

If you believed you’ve discovered a security vulnerability in our platform, please contact us immediately at [email protected]. Please include:

A description of the location and potential impact of the perceived vulnerability.
A detailed description of the steps required to reproduce the perceived vulnerability. POC scripts, screenshots, and screen captures are all helpful.