Security at Diskus

Diskus takes pride in its security and compliance standards. We are committed to providing our customers with a safe and secure platform that protects user's confidential information and data. We adhere to strict security standards, conduct frequent checks, and continuously monitor and audit to ensure the security of customer's data.

MeetingScheduler
  • Diskus Board Meeting Solution Client
  • Diskus Board Meeting Solution Client
  • psp
  • Diskus Board Meeting Solution Client
  • Diskus Board Meeting Solution Client
  • Diskus Board Meeting Solution Client
  • Diskus Board Meeting Solution Client

Data Protection

Security of Data at Rest

With Diskus, client data is always secured — whether stored on the cloud or on-premises. We also use row-level encryption for all granular levels of security by encrypting individual rows in the database. All this encryption makes sensitive data unreadable to anyone even long before it enters the database.

Meetings

Security of Data in Transit

Diskus employs TLS 1.2 or later versions for every data entry. We also implement features like HSTS and Cloudflare to manage our server TLS keys and certificates, distributing them through application load balancers.

Meetings

Secure Management of Application Data

Diskus also ensures the confidentiality of application data. All application data are encrypted and placed in a vault service that only authorized users can access. We also review all the logs to monitor who accesses data and for what purpose to identify any unauthorized or suspicious activity.

Meetings

Product Security

Cybersecurity Assessment

Our security experts conduct regular penetration testing to identify vulnerabilities in our system. These audits are custom-designed for each of our products (website, mobile applications, and cloud infrastructures)—only security engineers have full access to the source code. The findings of these tests help us improve our security practices and provide you with a more secure platform.

Meetings

Secure Development Lifecycle (SDLC)

We also ensure security at the software development stage. Our vulnerability scanning involves continuous code static analysis (SAST) testing, software composition analysis (SCA) to find vulnerabilities in our software supply chain, and network vulnerability scanning.

Meetings

Endpoint Security Measures for Enterprises

All business devices come with mobile device management (MDM) software and anti-malware security. Diskus ensures secure endpoint configuration by using MDM software. It involves password management, disk encryption, screen lock configurations, and regular software upgrades.

Meetings

Enhanced Remote Access Security

Diskus uses advanced identity-aware proxy technology to ensure remote access to internal resources is secure. The development team employs this access tool for SSH, Kubernetes, databases, internal web applications, and Windows systems. We leverage biometrics and machine identification to mitigate phishing risks, and our zero-trust design prevents attackers from pivoting within our network.

Meetings

Security Education & Training

Diskus provides security training to all onboarding and existing employees through various educational modules of the Vanta platform. Plus, new employees' live onboarding sessions revolve around our important security principles. Our security team regularly updates employees on safety and security threats that require immediate action or attention.

Meetings

Managing Identity and Access

  • Diskus leverages Azure AD for identity management and access control.
  • We recommend implementing phishing-resistant authentication factors and single sign-on (SSO) wherever possible.
  • Only authorized personnel can access customer data for operational or maintenance purposes.
  • Employees are granted access to applications solely based on their roles and are automatically removed upon termination.
  • Access to applications is only granted as per the established policies for each application.
  • All additional access is provided within these policies.
Meetings

Vendor Security

  • Diskus uses a risk-based perspective to determine a vendor's inherent risk rating using these factors:

    • Access to customer and corporate data
    • Integration with production environments
    • A potential disadvantage to the Diskus brand

  • After the inherent risk rating assessment, the vendor's security is evaluated to determine the residual risk rating for the vendor's approval decision.
Meetings

Backup and Business Continuity

Our production infrastructure is efficiently designed with redundancies in highly available configurations across multiple availability zones. So, if one part of the system falls, another quickly takes over. An auto-back policy facilitates the retrieval of crucial data in case of disaster.

Meetings

Infrastructure Management and Configuration

Diskus uses Terraform as code to maintain infrastructure. We allow modifications through a procedure that replicates the application-level software development process. We use separate infrastructure for development, staging, and live environments and strictly limit data sharing between them.

Meetings

Proactive Monitoring

  • We conduct comprehensive infrastructure and application performance monitoring to detect and resolve problems. Automated alerts with on-call schedules are established, and escalation procedures are set up for all members of the DevOps team.

  • Our security team identifies and responds to any application attacks, abnormalities, or suspicious activity by security monitoring.
Meetings



Diskus ensures the protection of user's confidential information and data and takes pride in its security and compliance standards. We adhere to strict security standards, conduct frequent checks, and continuously monitor and audit to ensure the security of customer's data.