Single sign-on solution for Enterprise plans

End-to-end 256 bit HTTPS SSL encryption

All non-essential ports and external network interfaces blocked by default

No financial data or credit information is stored in any Frame.io system

All account passwords are stored as one-way hashes

All client-side communication, sessions, and input are validated server-side

All media assets are securely accessed on Amazon S3 using signed URLs

All media assets are encrypted at rest on Amazon S3

All account data is encrypted and securely stored in the database 

In the event of server failure, all critical systems have redundant failovers to prevent service disruptions

We perform static code analysis of all production code

We perform a third-party security assessment 

We have Integration and Unit tests for all critical systems

All sub-dependencies have been vetted for security and performance issues

All sub-dependencies are directly bundled into the Frame.io application

We follow strict compliance with source code licensing and open-source licensing

Master access keys are never distributed to any employees

Access keys are never stored in any version control system

Access keys are never stored anywhere as plaintext

Individual access keys are generated per employee with developer-only access

All company workstations and laptops use encryption for storing any potentially sensitive data

All company workstations and laptops use anti-malware and antivirus software

All client data is always anonymized for development purposes

All Frame.io employees have been instructed on best practice security standards

Frame.io employees are granted granular role access to resources

Any employee access to sensitive data is tracked and monitored

Developers only work with anonymized data