New Blog Post Bridging The Frontline Communication Gap - Q&A With Jen Snelders
Skykit Digital Signage and Workplace Solutions
Login
Get A Demo
Try It Free
Elevate your business - Book A Call Today!
Skykit Trust Center: GettyImages 1193505273

Security. Compliance. Privacy. Reliability.

Skykit Trust Center

Explore how Skykit protects your data with enterprise-grade security, industry certifications, and transparent operational practices—all built to keep your organization safe, secure, and informed.

Quick Access:

Security

Enterprise-grade protocols

Compliance

SOC 2, NIST

Privacy

Data controls, role-based access

Reliability

4-hour RTO, 1-hour RPO

Controls

Infrastructure Security

  • Unique protection/database authentication (GCP security)
  • Encrypted data access restricted (logical tenant isolation)
  • Unique account authentication enforced (client-specific API tokens)
  • Google Cloud Armor for DDoS protection and WAF
  • Google Secret Manager for secure credential storage

Organizational Security

  • Asset disposal procedures utilized Protection inventory maintained
  • Portable media encrypted (hard drive encryption)
  • Multi-factor authentication implemented for sensitive systems
  • Regular background checks for employees
  • Confidentiality agreements required

Product Security

  • Data encryption utilized (AES-256 for data at rest, TLS for transit)
  • Code self-assessments conducted (SAST, DAST, SCA tools)
  • Penetration testing performed quarterly with NetSpi Cloud Security
  • Scanner for vulnerability detection
  • Peer code review required for all product changes

Infrastructure Security

  • Continuity and Disaster Recovery plans established (4h RTO, 1h RPO) Continuity and disaster recovery plans tested annually
  • Vulnerability management processes maintained
  • Formal security incident response program
  • Change management procedures enforced

Data and Privacy

  • Data deletion procedures established
  • Customer data deleted upon request (following legal review)
  • Data classification policy established
  • Data notification policy established
  • Access to data restricted based on job requirements
  • Access reviewed quarterly

Compliance

Soc-2

SOC 2

Aligned with SOC 2 framework

Skykit Trust Center: framework informational page hero badges nist csf copy

NIST Framework

Security controls based on NIST standards

Skykit Trust Center: google cloud icon 2048x1646

Google Cloud Platform

ISO 27001, ISO 27018 certified hosting provider

Subprocessors

Skykit Trust Center: Google Cloud logo.svg

Cloud Provider

Skykit Trust Center: codeship.ec974f12f1a2c13fdec365f9d5821d11a44c6669

Continuous integration

Skykit Trust Center: 68747470733a2f2f7261772e6769746875622e636f6d2f6d61696c67756e2f6d656469612f6d61737465722f4d61696c67756e5f5072696d6172792e706e67

Email service

Skykit Trust Center: Salesforce Logo 1

Customer support

Skykit Trust Center: Twilio logo red.svg

Communications management

Skykit Trust Center: Github logo

Version Control

Skykit Trust Center: Netspi

Cloud monitoring and security assessment

Skykit Trust Center

Resources

Policies

  • Access Management Policy
  • Data Classification and Handling PPG Incident Management Policy
  • Business Continuity Process & Procedure Change Management
  • Process & Procedure Vulnerability Management
  • Process & Procedure
  • Security Operations Standards
  • Privacy Policy

Audit Reports

  • Annual Compliance Reviews

Misc

  • Data Processing Agreement
  • Skykit SLAs for SaaS
Skykit Trust Center

FAQ

Where does Skykit store my data?

Skykit stores your data primarily on Google Cloud Platform (GCP) across various US regions, ensuring high availability. Backups are performed at least daily and stored on Google Cloud Storage fixed media. Approved storage locations for confidential data include Skykit laptops, Google Drive, and GitHub.

Skykit protects your data through multiple security measures:

  • Data separation through logical tenant isolation

  • Encryption in transit (TLS/HTTPS) and at rest (AES-256)

  • Strict role-based access control

  • Multi-factor authentication for sensitive systems

  • DDoS protection via Google Cloud Armor

  • Web Application Firewalls in blocking mode

  • Static and dynamic security testing for applications

  • Comprehensive logging and monitoring

  • Google’s robust physical security at data centers

At Skykit, we are committed to protecting your privacy. We do not sell, rent, or trade your personal information or customer data to third parties. Your data is used solely to provide and improve our services, and we implement rigorous security measures to protect your information at all times.

  • Content, Programs, and Playlists: Retained until explicitly deleted

  • Email (terminated employees): 30 days

  • Audit logs: 90 days, then archived for one year

  • Temporary storage of confidential data: Removed after 90 days of non-use

  • Extracts of covered information: Verified every 90 days for continued necessity

How can I request data deletion?

For data deletion requests, contact Skykit support directly at support@skykit.com or via phone. Data subject requests may be reviewed by legal counsel before processing.

For data deletion requests, contact Skykit support directly at support@skykit.com or via phone. Data subject requests may be reviewed by legal counsel before processing.