Why the world works with Swit
Swit handles the sensitive information of enterprises and small businesses, across the world.
Swit trust and security
You trust Swit with your most valuable asset — your data. Rest assured that it is in safe hands. We have multiple measures in place to ensure that your information is secure.
Two-factor Authentication
Two-factor authentication adds an additional layer of security, ensuring no one but you can access your account and information.
Enterprise Key Management (EKM)
With this Swit security feature, you can encrypt sensitive data with a key that you own. Not only does this give you more control over your data, but you can also view how your keys are being used.
Audit log
The Audit log gives Admins in enterprise-level organizations access to a log of key activities across the company. This information assists admins in protecting the organization from security and compliance-related violations.
In this document
- Access to customer data
- Data storage encryption
- Data storage encryption for enterprises
- Encrypted backups
- Encrypted Communications
- Ensured data security
- Development security
- Penetration testing and bug bounty programs
- Security management for systems and infrastructure
- Constant monitoring for insider abnormalities
- Constant security monitoring
- Support for a more secure authentication system
- Security options for users
- Security authentication status
In this document 
- Access to customer data
- Data storage encryption
- Data storage encryption for enterprises
- Encrypted backups
- Encrypted Communications
- Ensured data security
- Development security
- Penetration testing and bug bounty programs
- Security management for systems and infrastructure
- Constant monitoring for insider abnormalities
- Constant security monitoring
- Support for a more secure authentication system
- Security options for users
- Security authentication status
Swit Security and Compliance
Prohibition of unauthorized access to customer data
- In no case will Swit access the customer’s data.
- However, if Swit has to address the needs of the customers at their request, Swit will follow the Customer Data Access Procedure and provide a transparency log to guarantee this.
- Access to customer data is monitored in real-time, and unauthorized access is blocked in advance.
Data storage encryption
- All files and data stored on the server are encrypted.
- Encryption keys are securely managed through the Google Key Management Service.
Data storage encryption for enterprises
- Swit provides a separate encryption key for each customer to store their encrypted data.
- With customer-specific encryption keys, control over each customer’s encrypted data is made possible and unnecessary exposure of general text data is avoided.
Encrypted backups
- The data remains encrypted throughout the backup process.
- During the backup process, each backup file is independently encrypted using unique Data Encryption Keys (DEK) derived from keys stored in Google's Key Management Service (KMS) and the file-specific seeds that are randomly generated at the time of backup. All the metadata contained in the backup uses other DEKs stored in Google's KMS.
Encrypted Communications
- Encryption is applied to all communication lines.
- High-level encryption is provided through Transport Layer Security (TLS, v1.2 or higher) and other policies.
Ensured data security
- Object versioning supports recovery of data from unintended deletion / change / loss / corruption, etc.
- Upgraded automated backups enable full data recovery in the event of accidental data loss or corruption.
Development security
- In the Open Web Application Security Project (OWASP) Secure Coding is applied in the development process.
- Code reviews are conducted through 3rd party code analysis tools.
Penetration testing and bug bounty programs
- Swit regularly conducts penetration testing for vulnerability assessment and management.
- Swit performs security reviews throughout the Software Development Life Cycle (SDLC).
- Swit uses 3rd party solutions related to app forgery, obfuscation, etc. to enhance the level of security.
Security management for systems and infrastructure
- Swit complies with the recommendations by the Center for Internet Security (CIS) benchmarks and other security certifications.
- Swit ensures security through regular penetration testing for vulnerability assessment.
- Swit keeps operating system and software versions up to date via regular patches.
- Swit ensures security in the CI/CD process through the Cloud Workload Protection Platform (CWPP).
- Swit monitors and manages overall changes across the system and infrastructure through Cloud Security Posture Management (CSPM).
Constant monitoring for insider abnormalities
- Through constant monitoring using powerful solutions such as Endpoint Detection and Response (EDR) and e-Discovery solutions, Swit takes immediate action in case of abnormal activity.
- Swit supports a secure and standardized working environment with a number of security solutions.
- Swit conducts internal audits of relevant logs every month.
Constant security monitoring
- Swit operates a security operations center (SOC) to conduct constant security monitoring and block and respond to internal and external security threats.
- Swit uses various state-of-the-art security solutions to secure service stability.
- Swit uses Security Information and Event Management (SIEM) software for security monitoring and applies customized use cases and playbooks for our services.
Support for a more secure authentication system
- Stronger password policies can be enforced for used and guests.
- Supports various OTP (Google, MS, Duo Mobile, Okta, etc) software for MFA.
Security options for users
- Swit provides access control for IP addresses and URLs.
- Swit provides options to prevent screenshots (on the mobile Swit app Android only) and set up PIN codes or Biometrics on the mobile Swit app for enhanced mobile security.
- Swit provides an option to restrict file downloads.
- Swit provides an audit log feature for security monitoring.
Security authentication status
