MultiLine Security

Movius follows the highest industry standards to ensure that you can trust us with your critical data.

Movius Internal IT Security

  • We understand the importance of information security, including cybersecurity, to protect against external threats and malicious insiders. 
  • Our cybersecurity strategy prioritizes detection, analysis and response to threat intelligence, cyber risks, and malicious activity. 
  • We continuously strive to meet or exceed the industry’s information security best practices and apply controls to protect our clients and the infrastructure of the company.

Security Certifications

  • Our information security management program is built to comply with the ISO 27001 framework.
  • The security controls for the Movius platform annually undergo SOC 2 Type 2 examination against AICPA defined standards.

Encryption

  • All data is encrypted in transit and at rest.

Secure Cloud Data Center

  • Your data is protected using FIPS 140-2 Level 3 compliant HSMs and customer owned encryption keys.
  • Storage is compliant with:
    • Federal Information Processing Standard (FIPS) Publication 140-2
    • Federal Information Security Management Act (FISMA)
    • Health Insurance Portability and Accountability Act (HIPAA)
    • Payment Card Industry (PCI)
    • Basel II
    • California Security Breach Information Act (SB 1386)
    • EU Data Protection Directive 95/46/EC

Security Scanning

  • SAST and DAST are performed for every maintenance and general release.
  • Manual Penetration testing is performed annually.
  • Bi-weekly vulnerability scan is performed by in-house security experts.

Disaster Recovery and Geo-redundancy

  • Movius performs daily backups of production data that is only used to minimize data loss in the event of a disaster.
  • Production data is immediately written to an independent 2nd database which is either at the same location for single site installations or at a second data center in geo-redundant configurations.
  • We complete re-certification and surveillance audits annually.

Manage Users and Admins

Admin Audit Logging

  • All activities by Admins in Management Portal and Developers using the API are logged in Admin logs.
  • Full search functionality helps you quickly track down activities of interest, including:
    • Log in
    • Adding, deleting, or viewing an account
    • Viewing or downloading a report
    • Viewing or downloading data
  • You can also set up alerts for activities, such as password changes and deleted accounts. See Manage Alerts 

Admin Access Control

User Access Control

  • Admins have complete control over user access to MultiLine app. It's possible immediately suspend or delete a user account from Management Portal to remove access to the application.
  • Calls to a MultiLine number from a deleted account can automatically forwarded, tagged for a specific use or organization, or made generally available.
  • Call or message recording is set by admins and does not allow users to turn the feature on or off, preventing any circumventing of your recording policies.

EMM Integration

  • You can apply any policies from your Enterprise Management solution to the MultiLine application.
    • Apply corporate authentication and password requirement policies to MultiLine applications.
    • Enforce using MultiLine applications when using corporate apps, including phone number links and conference codes.
    • Restrict copy and paste, screenshots, and more from MultiLine to outside apps.

GDPR

  • We ensure ongoing compliance with the General Data Protection Regulation (GDPR).
  • Users can clearly see what data is shared and have the option to opt in or out of sharing their personal data.

Account Cancellation

  • You may cancel with us at any time by contacting our Customer Success team.
  • We will work with you to offload your data and then securely remove your data from the platform.