Frame.io

Single sign-on solution for Enterprise plans

All non-essential ports and external network interfaces blocked by default

No financial data or credit information is stored in any Frame.io system

All account passwords are stored as one-way hashes

All client-side communication, sessions, and input are validated server-side

All media assets are securely accessed on Amazon S3 using signed URLs

All media assets are encrypted at rest on Amazon S3

All account data is encrypted and securely stored in the database&nbsp;

In the event of server failure, all critical systems have redundant failovers to prevent service disruptions

- Single sign-on solution for Enterprise plans
- End-to-end 256 bit HTTPS SSL encryption
- All non-essential ports and external network interfaces blocked by default
- No financial data or credit information is stored in any Frame.io system
- All account passwords are stored as one-way hashes
- All client-side communication, sessions, and input are validated server-side
- All media assets are securely accessed on Amazon S3 using signed URLs
- All media assets are encrypted at rest on Amazon S3
- All account data is encrypted and securely stored in the database&nbsp;
- In the event of server failure, all critical systems have redundant failovers to prevent service disruptions

We perform static code analysis of all production code

We perform a third-party security assessment&nbsp;

We have Integration and Unit tests for all critical systems

All sub-dependencies have been vetted for security and performance issues

All sub-dependencies are directly bundled into the Frame.io application

We follow strict compliance with source code licensing and open-source licensing

- We perform static code analysis of all production code
- We perform a third-party security assessment&nbsp;
- We have Integration and Unit tests for all critical systems
- All sub-dependencies have been vetted for security and performance issues
- All sub-dependencies are directly bundled into the Frame.io application
- We follow strict compliance with source code licensing and open-source licensing

Frame.io maintains a strict policy for assigning and distributing keys that may access any production or development systems.

Master access keys are never distributed to any employees

Access keys are never stored in any version control system

Access keys are never stored anywhere as plaintext

Individual access keys are generated per employee with developer-only access

- Master access keys are never distributed to any employees
- Access keys are never stored in any version control system
- Access keys are never stored anywhere as plaintext
- Individual access keys are generated per employee with developer-only access

All company workstations and laptops use encryption for storing any potentially sensitive data

All company workstations and laptops use anti-malware and antivirus software

All client data is always anonymized for development purposes

- All company workstations and laptops use encryption for storing any potentially sensitive data
- All company workstations and laptops use anti-malware and antivirus software
- All client data is always anonymized for development purposes

All Frame.io employees have been instructed on best practice security standards

Frame.io employees are granted granular role access to resources

Any employee access to sensitive data is tracked and monitored

Developers only work with anonymized data

- All Frame.io employees have been instructed on best practice security standards
- Frame.io employees are granted granular role access to resources
- Any employee access to sensitive data is tracked and monitored
- Developers only work with anonymized data

Encryption and Resource Access

Source Code

Key Management

Secure Workstations

Employee Awareness