All iLoop employees are rigorously vetted and access to the infrastructure and data stores are authorized based on the principle of least privilege. All user log-ins utilize multi-factor authentication (MFA). Individual users access control is managed through a role-based,security group management system.
Like you, we rely on the security protocols supported by your email providers to keep you safe. In addition, we validate all incoming emails using DKIM and SPF verification. This enable us to know if a message is coming from an authenticated server. Users logging into our application are protected by HTTPS secure communication sessions using SSL.
We encrypt our services using SSL. All employees, contractors and agents with access to your information are required to authenticate themselves using the OAuth protocol and multi-factor authentication (MFA). Our data collection, storage and processing operations are guarded both physically and virtually from the outside world. Our infrastructure provides protection against common attacks such as distributed denial of service (DDoS) attack and detections for password brute-force search attempts. Application access points are secured by HTTPS secure communication sessions using SSL. In addition, OAuth is used to provide a separate layer of access control. System and user access to the iLoop infrastructure are logged and stored. The entire iLoop infrastructure is hosted on our infrastructure partner, Amazon Web Services (AWS). AWS utilizes state of the art electronic surveillance and multi-factor access control systems. The data centers are staffed 24×7 by trained security guards. The iLoop infrastructure resides behind a firewall and a Virtual Private Cloud, thus limiting resource access to a very few, well protected access points.