Span Workspace is hosted on the Microsoft Azure platform. The service is segregated so that users can only access their services and data. The Microsoft Azure cloud services have extensive built-in security controls that Microsoft advises conform to the following security and privacy accreditations: ISO/IEC 27001, ISO/IED 27018, GDPR, SOC1, SOC2, SOC3, FedRAMP, PCI, NIST, EU/US Privacy Shield.
Data within Span Workspace is encrypted while in transit and at rest. We maintain an “A” ranking from Qualys SSL Labs for our certificate, protocol support, key exchange and cipher strength. We only use current cryptographic technologies and disable older, less secure or compromised technologies. Encryption controls are reviewed quarterly and as new threats emerge.
Vulnerability assessments and penetration testing of Span Workspace are regularly conducted by an independent, accredited company. Any high severity vulnerabilities detected are immediately remedied and then retested. The assessment uses Security Testing and Incident Response Team’s (STIRT) Vulnerability Assessment (VA) methodology.
Administrators can control user authentication, implement multifactor authentication and enforce password complexity parameters through their single sign-on (SSO) service providers. SSO integration is currently available for Microsoft Azure AD®, Ping® and Okta.