How secure is Interprefy?

Interprefy was built to serve some of the world's most crucial conversations. We put security left, right, and center in our technology and operations.

Overview

We use enterprise-grade security to protect events, meetings, and conferences from prying eyes (and ears). Built with the highest security standards at the core, Interprefy is ISO 27001-certified for information security management. A dedicated Information Security Officer ensures continuous monitoring, as well as regular security and penetration testing.

Non-Disclosure Agreements (NDA)

Interpreters and tech support personnel with access to the event audio and video streams sign NDAs to prevent disclosure of sensitive information. 

Server locations

We use distributed infrastructure on redundant servers to ensure worldwide coverage and 99.5% uptime. No matter where you are, our cloud-based technology will function flawlessly provided you have a connection to the internet.

Data storage

Data at rest is stored within the European Union (multiple availability zones) in accordance with our privacy policy.

The Interprefy solution is hosted in Amazon Web Services (AWS) Virtual Private Cloud (VPC). This is a logically isolated section of the public cloud where we use the resources of a secure virtual network. This is where all meeting data and application resides. Data stored on AWS systems are encrypted and access to this data is restricted using RBAC methodology (Role Base Access Control).

Application security 

The Interprefy application uses proven industry standards and protocols for encryption. The platform uses TLS 1.2, the safest method available today. It is encrypted and authenticated using AES-256-GCM and uses ECDHE_RSA as the key exchange mechanism. 

Regular security reviews and vulnerability tests are carried out by independent security firms, to guarantee the highest possible level of security for all platform users. Penetration testing is done in compliance with OWASP 10 methodology.

Data transmission security 

The Interprefy solution is built on WebRTC, the leading technology for secure real-time audio and video streaming for browsers and mobile apps, leveraging a best-in-class telecom provider.

All media streams sent through the Interprefy solution use AES 256-bit encryption, and all stream publishing takes place from a secure HTTPS page. The main protocols providing WebRTC security are SRTP for media traffic encryption and DTLS-SRTP for key negotiation. 

Event authentication

Interprefy solution offers several levels of authentication and authorization, for participants joining meetings on Interprefy Connect (Pro) or Event Pro:

  • Single Sign-On (SSO)
  • Active Directory using SAML 2.0 
  • Allow-listing
  • Two-Factor Authentication (via email or SMS)