Vision Voice formerly thinkingphones Schedule a demo

security Services

At Vision Voice, information security and the safeguarding of our customers data are at the forefront of our operational and development processes.

In addition to annual required Information Security Training for all Vision Voice employees and contractors, Vision Voice:

  • Completes background

    Completes background checks on all Vision Voice employees and contractors.

  • Security Officer and team of Security Analysts

    Maintains a dedicated Security Officer and team of Security Analysts to provide oversight, auditing, and compliance activities.

  • Strong physical security

    Relies on Tier III, audited, and certified data center providers with the highest levels of operational excellence to ensure strong physical security of all Vision Voice data center assets.

  • Maintins multiple levels of network security

    Implements and maintains multiple levels of network security, including firewalls, intrusion detection and prevention systems (IPS), and DDoS mitigation solutions.

  • Routine internal audits

    Maintains and performs routine internal audits on Vision Voice documented information security policies, which align with industry standard security frameworks, including NIST and ISO 27001.

  • Annual audit activities

    Performs annual audit activities, through an independent firm, on all IT security and operational controls, ensuring SSAE16 SOC2 Type II and HIPAA compliance for all Vision Voice systems.

  • Scan assets

    Security team performs weekly internal vulnerability scans of all Vision Voice assets and meets with operations weekly to address all critical vulnerabilities in a timely manner.

  • Automated source code scanning

    Employs automated source-code scanning on a regular basis to minimize the risk of vulnerabilities that may be introduced early in the development/deployment lifecycle.

  • External security vendors

    Engages with external security vendors at least annually to perform advanced penetration testing on our network, servers, and applications.

  • Protect malicious access

    All Vision Voice employee computers utilize anti-virus software, regimented patch management, and full disk encryption software to further protect malicious access to corporate or customer data.

  • SOC 1

    SOC 1 (Type Ⅱ)

  • SOC 2

    SOC 2 (Type Ⅱ)

  • HIPAA

    HIPAA Health Insurance Portability and Accountability Act

Responsible Disclosure:

Vision Voice understands the important role that security researchers play in keeping our systems and software secure. In the event that you discover a vulnerability in a Vision Voice product, please review our guidelines below for responsible disclosure and contact us immediately at sales@visionvoice.co.uk. Vision Voice will respond to all inquiries within 24 hours, and will continue to follow up with the individual to inform them of estimated time to resolution, and again when the vulnerability has been addressed.

Responsible Disclosure Guidelines:

  • Please include a detailed description of the identified discovery with specific testing information and/or reproducible steps which outline the finding in detail.
  • Do not publish the details of the issue in any public or private forum.
  • Do not share the details of the vulnerability with others until Vision Voice has had the opportunity to resolve the vulnerability.
  • Vision Voice will publicly thank the individual researcher who responsibly submits a finding, when requested.
  • Your testing must not violate any law, or damage, delete, or corrupt any data which you do not own.
  • Please do not perform any activities which may negatively impact the Vision Voice platform and/or users, such as Brute Force or Denial of Service attacks.
SOC 1