We use canUmeet every day to keep our team organized, connected, and focused on results. Ensuring our platform remains secure is vital to protecting our own data, and protecting your information is our highest priority.

Our security strategy covers all aspects of our business, including:

• canUmeet corporate security policies
• Physical and environmental security
• Operational security processes
• Scalability & reliability of our system architecture
• Data model access control in canUmeet
• Systems development and maintenance
• Service development and maintenance
• Regularly working with third party security experts

24/7/365 Monitoring

canUmeet is monitored 24 hour a day, 7 days a week, 365 days a year. If something goes wrong, we will be the first to know about it and will have technicians working to fix the problem immediately, no matter when it occurs. We monitor mailing lists for all our software dependencies to keep track of security notices and keep our software up to date. We also offer a security bounty for users reporting security problems. canUmeet is hosted in Heroku, which applies security best practices and manages platform security. https://www.heroku.com/policy/security

Data encryption

We exceed all industry standards to make sure your account is protected using multiple layers of encryption. We follow all the guidelines to make sure transmitting of all cardholder data is kept secure. We encrypt any information shared over public networks with an SSL connection to ensure all of your booking links are safe from unfriendly hackers.

Security in our Software Development Lifecycle

canUmeet uses the git revision control system. Changes to canUmeet’s code base go through a suite of automated tests and are reviewed and go through a round of manual review. When code changes pass the automated testing system, the changes are first pushed to a staging server wherein canUmeet employees are able to test changes before an eventual push to production servers and our customer base. We also add a specific security review for particularly sensitive changes and features. canUmeet engineers also have the ability to “cherry pick” critical updates and push them immediately to production servers.

We also work with third-party security professionals to:

• Test our code for common exploits
• Use network scanning tools against our production servers

Compliance

canUmeet does not process payments directly and instead relies on an integration with the payment platform Stripe. PCI compliance is handled by Stripe, cf. https://stripe.com/docs/security and http://www.visa.com/splisting/searchGrsp.do?companyNameCriteria=stripe

Limited Access

Our team has the minimal required level of access to customer information in order to maintain our systems and to assist you appropriately.

Want more information?

Please refer to our Privacy Policy for more details. If you have any specific questions or require further information, please email us support@canumeet.com.