streamGo

Security is at the heart of everything we do.

We develop some amazing and innovative features for our platform, while ensuring your data is safe with internationally recognised security and processes.

Plans & Pricing

ISO 27001 Certified

We’re ISO 27001 compliant with regular internal and external audits.

Data Security

We use internationally recognised cryptography and algorithms.

Security Controls

Our platform access controls allow for different levels of access to data.

Regular Testing

We regularly run vulnerability assessments and penetration tests.

  • Cloud Security

    Based on the 14 principles of Cloud Security, as determined by the National Cyber Security Centre, demonstrates how we configure and safely deploy our Cloud based event platform.

  • ISO 27001

    streamGo has been awarded ISO 27001 accreditation. All elements of the framework are implemented in the business.

  • GDPR Compliance

    We have commissioned an external, independent assessment of our GDPR credentials as a comprehensive evidence based audit.

We currently implement the following policies across our organisation which are reviewed quarterly internally and assessed annually as part of ISO 27001:

  • Informational Security Management System Scope

  • Information Security Policy

  • Change Control Procedure

  • Control of Documented Information Procedure

  • Software Development Procedure

  • Security Incident Management Procedure

  • Legal and Other Requirements Management Procedure

  • QISMS System Manager Actions Procedure

  • Improvement Procedure

  • Internal Audit Prcedure

  • Business Context and Critical Requirements Management Procedure

  • Information Asset and Risk Management Procedure

  • Handling of Personal Information Processing Requests Prcedure

  • Termination Procedure

  • Disciplinary and Appeals Policy and Prcedure

  • Privacy Policy

  • Cookie Policy

  • Business Continuity Plan

We run multiple security controls across our platform and operational procedures:

streamGo take network security incredibly seriously and adopt the following best practices:

  • Web Application Firewall (WAF)

  • Anti-DDOS (AWS Shield Advanced)

  • Intrusion Detection System (IDS)

  • Database access only permitted within VPC

  • SSH and API keys rotated regularly

  • Regular password changes to admin accounts of our platform and super-admin permissions limited to authorised personnel.

streamGo adopt international standards to protect your data and that of your attendees:

  • Encryption in transit – TLS v1.2

  • Encryption at rest – AES-256

  • We run regular patch management operations on all of our servers and staff laptops.

  • Staff are unable to install new software on their laptops without admin approval.

  • Avast Web Shield is installed on all staff devices.

  • Our platform is built to withstand heavy load and maintain an extremely high availability status. We use multiple regions and availability zones in AWS to maintain our platforms presence. We can support events of upto 100,000 attendees without issue.

  • Our platform uses global multi-CDNs with real time fall back to maintain content delivery at scale.

  • We have a fully functional Disaster Recovery and BCP plan that is tested regularly.

  • Our data and platform are in AWS data centers – more info on their security controls can be found here: AWS Cloud Security Controls

  • Our database is a single instance in an AWS London data centre – data is not spread across multiple servers and data is not stored in any other country/server

  • The server scales depending on capacity requirements

  • Employees follow our Information Security Policy

  • streamGo are not required to have a DPO under the GDPR regulations.

  • We fully comply with the GDPR policies and would report any breaches to the Information Commissioner’s Office.

  • All platform data is hosted and stored in the United Kingdom, London, AWS Data Center.

Want to know more or have any further questions?

We're always available to answer any questions you may have.

Get in touch