Because our customers use iShuttle technology to move their most valuable assets, we take precaution to secure every layer involved in file movement. Our security technology and implementation have undergone extensive third-party reviews to ensure effective protection.

Designing Secure Software

Building secure software requires a strong understanding of the threats you’re protecting against and secure design principle in order to apply security functions — like authentication, authorization, data integrity, data confidentiality, and non-repudiation — to protect against those threats.

Every software engineering team needs to be educated in not only security functions but also secure design principles. Otherwise, security functions can be implemented in ways that don’t actually protect the assets from threats. Our development team is thoroughly trained in secure design principles, and rigorously applies security functions such as:

  • Authentication: to ensure users are who they say they are.
  • Authorization: processes that require users to have preapproved access by operational managers.
  • Data confidentiality: to encrypt data from unauthorized access.
  • Data integrity: to ensure data cannot be corrupted.
  • Non-repudiation: to make sure a user cannot deny having taken an action.
  • Availability: to protect from interrupted access.

iShuttle utilizes standards based security technology like Transport Layer Security (TLS) to protect assets. Mechanisms provided by TLS are used to secure data as it is transmitted in regards to data transfer, advanced authentication, data integrity, and data confidentiality. We ensure that all transfers are appropriately authorized and tracked including non-repudiatable proof that files were delivered.

But designing secure software is only half the picture. Providing a secure service is equally as important. As a SaaS provider, iShuttle employs service organization controls implemented in accordance with industry standards and best practices.

At iShuttle, security is much more than just applying technology to mitigate threats; it is deeply engrained into our way of thinking about software development and operational procedures.