Security is our top priority

We know that security is important to customers. We take the responsibility to ensure that the 8x8 Communication APIs platform is absolutely secure, private and reliable, so customers can have a peace of mind.

View the white paper
xl-hero-sms-security-656805933.jpg

8x8's Security Organizationlink to this section

Compliance Programslink to this section

At 8x8, we take the lead in the cloud-based communications industry for security across a company’s entire enterprise.

View SOC 2 Type II Audit Certification

View CE+ Certificate

View our HIPAA Compliance

View CSA Cyber Trust Certificate

View ISO 27001 Audit Certificate

Secure and compliant.

Up-to-date with regulations and verified through third-party certifications—for your peace of mind.

a blue hipaa compliant logo on a white backgroundiso 27001 isoqar and ukas management systems logosa logo for the federal information security management acta blue circle with yellow stars and the word gdpr on ita shield with the words pci dss on ita logo that says soc 2 audited type ii

Industry-leading Security and Compliance

Any enterprise product or service must meet or exceed existing customer security and compliance requirements. Prior to launch, all service offerings go through rigorous software code security stress testing using static and dynamic analysis.

Hacker-Powered Securitylink to this section

8x8’s Responsible Disclosure & Bug Bounty Programs

8x8 runs responsible disclosure and incentivized bounty programs through HackerOne to allow anyone to report vulnerabilities.

With this NIST best-practice RDP, we have a well-defined process for finding and fixing vulnerabilities—before they could be exploited. We partner with the security’s greatest minds to keep our customer’s and partner’s data safe and secure.

8x8 Responsible Disclosure Program
dev-two-screens-831115-4x3.png

8x8 Communication APIs: Secure by designlink to this section

Application Development

The 8x8 SDLC includes multiple stages of review; starting with an architectural review at the start of new projects, ongoing code checking by both manual peer review, further review by security staff and automated reviews utilising SAST & DAST tools.

finding-vulnerabilities-1084167628.jpg

Cryptography Measures

Data is encrypted in-transit and at-rest, utilizing strong encryption technologies, such as the Transport Layer Security (TLS) version 1.2, Short Message Peer-to-Peer (SMPP) protocol via TLS, and the 256-bit AES algorithm in Galois Counter Mode (AES-GCM).

security-standards-1126707958.jpg

Built-in security

8x8 provides in-product security and data protection for users to securely integrate our solution, including: Two-Factor Authentication Single-Sign-On via SAML Number Lookup API Mobile Verification API Number Masking

analytics-ai-woman-956379138-4x3.jpg

Comprehensive processes that meet the highest security requirements

The security, availability, and confidentiality requirements for 8x8 Communication APIs platform are managed using a combination of: Documented policies and procedures Management oversight Security-first and privacy-first cultures Technology implementations using security-by-design principles These management practices are implemented in all areas to protect systems, data, and personnel and to ensure compliance with industry best practices and standards.

managing-the-process-83211477.jpg

8x8 is committed to your security

From 8x8’s management philosophy to physical, process, employee, product, and infrastructure security as well as business continuity, 8x8 has put security measures in place to ensure your messages are reliably and securely delivered.

To get started, the 8x8 Developer Hub gives access to step-by-step guides and API references.

Learn more about 8x8’s Security and Compliance Certifications
conclusion-171692961.jpg

Learn more

Get an in-depth look at 8x8’s security practices with our security whitepaper.

Download Whitepaper
security_api.png