Security is at the heart of everything we do.

We develop some amazing and innovative features for our platform but we’re also doing that while ensure your data and your clients data is kept securely.

Our security is internationally recognised and validated unlike that of some competing platforms.

We’re certified to International Standards

We’re ISO 27001 compliant with regular internal and external audits. We’re currently implementing SOC 2.

Data Security

Your data is our main priority. We use only internationally recognised cryptography and algorithms to ensure it stays secure.

Security Controls

There’s multiple login types to our platform each with different levels of access to customer data.

Policies you can trust

Our security policies are to International Standards and certified with regular external checks to ensure their kept upto date and fully implemented across the organisation.

  • Cloud Security 

    Based on the 14 principles of Cloud Security, as determined by the National Cyber Security Centre,  demonstrates how we configure and safely deploy our Cloud based event platform.  

  • ISO 27001

    streamGo has been awarded ISO 27001 in November 2021. All elements of the framework are implemented in the business. 

  • GDPR Compliance 

    We commission an external, independent annual assessment of our GDPR credentials. Our latest audit was  completed in Sept 2021. Enclosed are the details of our latest audit which shows the overarching Risk Areas  assessed and the standards we adopt associated with each Key Risk Area. This is a comprehensive evidence  based audit.  

We currently implement the following policies across our organisation which are reviewed quarterly internally and assessed annually as part of ISO 27001:

 

  • Informational Security Management System Scope
  • Information Security Policy
  • Change Control Procedure
  • Control of Documented Information Procedure
  • Software Development Procedure
  • Security Incident Management Procedure
  • Legal and Other Requirements Management Procedure
  • QISMS System Manager Actions Procedure
  • Improvement Procedure
  • Internal Audit Prcedure
  • Business Context and Critical Requirements Management Procedure
  • Information Asset and Risk Management Procedure
  • Handling of Personal Information Processing Requests Prcedure
  • Termination Procedure
  • Disciplinary and Appeals Policy and Prcedure
  • Privacy Policy
  • Cookie Policy
  • Business Continuity Plan
We run multiple security controls across our platform and operational procedures:

 

  • Annual internal penetration test covering our web platform and our mobile applications (iOS and Android).
  • Quarterly vulnerability scans – external and internal
  • Peer review for security concerns on any new development work.
streamGo take network security incredibly seriously and adopt the following best practices:

 

  • Wifi Security and Guest Network
  • Firewalls
  • Web Application Firewall (WAF)
  • Anti-DDOS (AWS Shield Advanced)
  • Intrusion Detection System (IDS)
  • Database access only via whitelist IP access
  • Regular password changes to admin accounts of our platform and super admin permissions to extremely limited staff (sub 5).
streamGo adopt international standards to protect your data and that of your attendees:

  • Encryption in transit – TLS v1.2
  • Encryption at rest – AES-256

We implement extremely strict access control to data through the use of nominative accounts, IP whitelisting and MFA security

  • We run regular patch management operations on all our servers and staff laptops
  • Staff are unable to install new software on their laptops without admin approval.
  • Avast Webshield is installed on all staff devices.
  • Our platform is built to withstand heavy load and maintain a extremely high availability status. We use multiple regions and availability zones in AWS alongside load balancing, auto scaling, manual scaling and load prevention to maintain our platforms presence. We support events of upto 100 thousand attendees without issue.
  • Our platform uses global multi-CDNs with real time fall back to maintain content delivery at scale.
  • We have a fully functional Disaster Recovery and BCP plan that is tested.

  • Our physical premises are protected by app-controlled access, remote admin control, CCTV and alarms with no client data retained on premises
  • Our data and platform are in AWS data centers – more info on their security controls are here: https://aws.amazon.com/compliance/data-center/controls/
  • Our database is not cloud-based, it is a single instance in an AWS London data centre – data is not spread across multiple servers
  • Data is not stored in any other country nor server
  • The server scales depending on capacity needs
  • Employees working remotely following our Informational Security Policy with Web Shield installed

GDPR

  • streamGo are not required to have a DPO under the GDPR regulations.
  • We fully comply with the GDPR policies and would report any breaches to the Information Commissioner’s Office.
  • All platform data is hosted in the United Kingdom, London, AWS datacentre.

SOC 2

  • streamGo are currently implementing this standard but believe we fully comply with it already.

ISO 27001

  • streamGo are fully compliant with quarterly internal and annual external reviews.

Powerful Event Matchmaking

Connect your virtual and physical attendees in seconds with our event matchmaking software, chatGo.

Unique Video Search

Make your on-demand event sessions a searchable video library for better discovery and higher engagement with discoverGo.

As Featured On