Krisp employs information security policies and there is an executive-level strong commitment to implement and follow the policies throughout the organization.
Information Security program is lead by the Head of Security @ Krisp.
Krisp is planning to receive SOC-2 certification in the second half of 2020.
Krisp desktop app (Windows and Mac) processes all voice audio data on the end user’s machine. This data never leaves the user’s machine.
Krisp stores the following customer data in its cloud:
TLS encryption is used throughout all our services (no exception).
Customers can delete all their data by sending an email to firstname.lastname@example.org.
Customers can request all their data by sending an email to email@example.com.
Once a user account is deleted, all associated data (account settings, etc.) are removed from Krisp systems. This action is irreversible.
This document provides the full list of authorized Krisp Sub-processors and describes the process of receiving notifications on sub-processor changes.
Account data is gated at the application layer. Account data is not physically segregated at the database or storage layers. If this is a security requirement for your team, please contact us at firstname.lastname@example.org.
We share some user information with 3rd-parties for analytics reasons, payments (Stripe), sending transactional emails (Sendgrind), etc. That complete list along with the reason for sharing exactly what information we send to these platforms can be provided upon request. Please email us email@example.com.
By default, only our key engineering leads have access to customer data. All other engineers do not have access to customer data unless granted permission for debugging purposes.
Krisp app operates locally on the users’ machines and most of the time doesn’t need to connect to its backend. When it detects that it can no longer connect to the backend it stops operating.
Our backend infrastructure is entirely hosted on AWS, it’s fully automated and monitored by continuous functional tests to detect any sort of downtime.
Krisp backend is entirely hosted on AWS and leverages all the security benefits (physical security, key management, redundancy, scalability, etc) that AWS provides. The IT infrastructure that AWS provides to its customers is designed and managed in alignment with security best practices and a variety of IT security standards, including SOC 1/SSAE 16/ISAE 3402 • SOC 2 • SOC 3 • FISMA, DIACAP, and FedRAMP • DOD CSM Levels 1-5 • PCI DSS Level 1 • ISO 9001 / ISO 27001 • ITAR • FIPS 140-2 • MTCS Level 3.
In addition, Krisp backend is security-hardened by:
Krisp Backend doesn’t use passwords which makes it very lightweight from a security perspective. Instead, it relies on Google Sign-in, SSO and email code verification for all user sign-in events.
Krisp Backend is leveraging Stripe for payments and therefore it doesn’t store credit cards.
Krisp Backend is regularly scanned with industry-standard scanning tools for monitoring and detecting vulnerabilities. In addition, every quarter we do a thorough and detailed pentest using 3rd party pentest companies.
All members of our team go through a Security 101 training for increased security awareness
If you have any questions about this doc please contact us at:
Both come with 120 min/week for free