Understanding Regroup’s Mass Notification System Security: Frequently Asked Questions

At Regroup, protecting the confidentiality, integrity, and availability of your data is not just a priority—it is a foundational commitment. Whether you’re sending urgent alerts, integrating with external systems, or managing user access across departments, you need the assurance that every action is backed by industry-leading security practices.

This Security FAQ is designed to give you a clear, transparent look at how Regroup safeguards your data at every stage—from encryption and API protection to cloud infrastructure, user authentication, and compliance with global security standards. By addressing the most common questions we receive, our goal is to empower your organization with the knowledge and confidence to use Regroup’s platform securely and effectively.

Data Processing and Encryption

Q: How does Regroup ensure the security of data during transmission and storage?
A: Regroup ensures data security through stringent encryption protocols. All data in transit between customer sites and our AWS-hosted cloud platform is protected using Transport Layer Security (TLS) 1.3, ensuring secure data transfer. For data at rest, we employ Advanced Encryption Standard (AES) encryption, safeguarding all customer data from potential system compromises or unauthorized access.

Advanced Security Measures

Q: What advanced security measures does Regroup implement to protect against cyber threats?
A: Regroup employs several advanced security measures to fortify its defenses, including:

• OS-Level Firewall: Provides a fundamental layer of security to monitor and control incoming and outgoing network traffic based on predetermined security rules.
  
• Authorization Bypass Security: Prevents unauthorized users from bypassing the authentication process to gain access to sensitive data.
  
• Cross-Site Scripting (XSS) Security: Protects against malicious scripts injected into webpages viewed by other users, ensuring data integrity and confidentiality.
  
• Cross-Site Request Forgery (CSRF) Security: Guards against unauthorized commands transmitted from a user that the web application trusts.
  
• SQL Injection Security: Protects against the insertion of malicious SQL statements into an entry field for execution, preventing data breaches.

API Security and Development

Q: Does Regroup support APIs for integration purposes?

A: Yes, Regroup offers comprehensive support for REST APIs, enabling seamless integration with various external systems and applications. Our REST APIs are designed for easy use and allow for secure, efficient data exchange and automation of notification processes. This support empowers organizations to integrate Regroup’s powerful notification capabilities directly into their existing workflows and systems, enhancing operational efficiency and response times.

Q: How does Regroup secure its APIs and ensure safe data transfer between systems?

A: Regroup’s APIs employ Hypertext Transfer Protocol Secure (HTTPS) for secure communication between systems. All data transferred via our APIs is salted and hashed, ensuring it is never stored or transmitted in clear text. Our development team conducts thorough risk assessments during API development, considering potential system impacts, breach implications, and necessary controls and policies. We adhere to OWASP and SANS security best practices and assessments to maintain high security standards.

Cloud Infrastructure and Redundancy

Q: Can you elaborate on Regroup’s cloud infrastructure and data redundancy measures?

A: Regroup is a 100% cloud-based solution powered by AWS. We ensure service continuity and data availability through redundancy across five geographically dispersed data centers in the US. This setup allows us to offer site-wide encryption to domestic and international clients, ensuring all data in our custody is securely encrypted both in transit and at rest.

User Access and Authentication

Q: How does Regroup manage user access and authentication?

A: Regroup uses robust authentication mechanisms, including multi-factor authentication (MFA), to ensure that only authorized users can access the system. We also implement role-based access controls (RBAC) to restrict user actions based on their roles and responsibilities within the organization.

Q: Can I integrate Regroup with our organization’s Single Sign-On (SSO) system? A: Yes, Regroup supports integration with various Single Sign-On systems, allowing your users to securely access Regroup using their existing organizational credentials, enhancing both security and user convenience.

Compliance and Audits

Q: Is Regroup compliant with GDPR and CCPA industry standards and regulations?

A: Regroup is committed to maintaining compliance with relevant industry standards and regulations, including GDPR, CCPA, and others applicable to our clients’ geographic locations and sectors. We undergo regular audits and assessments to ensure ongoing compliance.

Q: Does Regroup maintain Data Security and Privacy standards certifications? 

A: Regroup is committed to maintaining the highest standards of data security and privacy. We are proud to be compliant with several key industry standards and frameworks, including:

• SOC 1: We adhere to the SOC 1 auditing standards, ensuring our financial reporting and related controls meet the required criteria.
  
• SOC 2: Our compliance with SOC 2 standards demonstrates our commitment to security, availability, processing integrity, confidentiality, and privacy of customer data.
• 
  TX-RAMP: As part of our dedication to serving government and public sector clients, we comply with Texas Risk and Authorization Management Program (TX-RAMP) requirements, ensuring the security and privacy of the data we handle.
  
• ISO 27001: We are certified under the ISO 27001 standard, which validates that our information security management system (ISMS) is comprehensive and follows best practices.

If you’re ready to explore a better way of communication, discover our collection of case studies, blogs, and free resources to learn more.

Schedule a live demo or speak with your Regroup account executive to learn how your agency can benefit.

Book a Demo