Skip to main content
Information Security

InfoSec Governance at Showbie.

Kenny Dickie avatar
Written by Kenny Dickie
Updated over 2 months ago

Security & Privacy Training

Showbie enforces annual security and privacy training for all employees. The content of this training includes topics such as GDPR and other data protection regulation compliance, defences against potential threats and cyberattacks, the chain of command when handling user or business data, and device security.

Employee Access and Security

We regard your data as private and confidential. Our production environment is completely separate from our other environments — including development and QA. AWS provides sophisticated Identity Access Management (IAM) to control access to its resources. Individually identifiable RSA key pairs are used for SSH access and root login is disabled. This ensures an audit trail of actions performed and the originator of those actions. All critical systems require 2-factor authentication where available.

Showbie employees are granted access to systems and data based on their role in the company or on an as-needed basis. Access is granted using the principle of least privilege.

Access to customer data by Showbie employees is only used to assist with support and to resolve customer issues. For such cases, we will get your explicit consent each time. Violation of this policy is a serious matter requiring investigation and appropriate disciplinary action up to and including termination as well as legal action.

When working on a support issue we do our best to respect your privacy as much as possible and only access the minimum data needed to resolve your issue.

Access attempts to our hosting platform and administrative systems are logged and monitored. Showbie systems have automated alerting systems that notify us of abnormal activity.

Communication Security

All communications at Showbie are secure using the latest TLS encryption (1.2 and 1.3). Communication with Showbie cannot be viewed by a third party and is the same level of encryption used by banks and financial institutions.

Did this answer your question?