SignalWire Security FAQ
Find answers to common questions about SignalWire security practices, encryption standards, compliance measures, and how we safeguard your data across our entire platform.
All fields are required
Find answers to common questions about SignalWire security practices, encryption standards, compliance measures, and how we safeguard your data across our entire platform.
Security isn't just a feature—it's fundamental to everything built at SignalWire. We understand that protecting your communications, data, and customer information is critical to your business operations.
If you have questions that aren't covered here, our support team is ready to help.
How does SignalWire ensure the security of its cloud infrastructure?
SignalWire’s infrastructure is designed for secure, high-performance communication services. We regularly undergo penetration testing, vulnerability assessments, and 24/7 monitoring to ensure data integrity and protection. All communications are encrypted in transit and at rest using industry-standard protocols.
SignalWire is committed to meeting industry regulations, with compliance initiatives for standards like SOC 2, HIPAA, and GDPR (as required). We also adhere to HIPAA guidelines and provide you with the tools for your project to stay within those regulations. We continuously evaluate our processes to ensure we meet the highest security standards for global operations.
What measures are taken to secure SignalWire’s APIs (including Datasphere and SWAIG APIs)?
SignalWire APIs enforce secure connections using HTTPS/TLS. We implement API key-based access control, rate limiting, and request validation to protect against unauthorized access, DDoS attacks, and injection vulnerabilities.
How does SignalWire ensure secure data retrieval when using AI Agents with Datasphere?
Datasphere’s API interactions are protected by role-based access control, and all data retrievals are logged and monitored in real-time. Vectorized data is encrypted, and integration with SWAIG ensures a secure environment for AI interactions.
What measures are taken to secure SignalWire’s APIs (including Datasphere and SWAIG APIs)?
SignalWire APIs enforce secure connections using HTTPS/TLS. We implement API key-based access control, rate limiting, and request validation to protect against unauthorized access, DDoS attacks, and injection vulnerabilities.
How does SignalWire ensure secure data retrieval when using AI Agents with Datasphere?
Datasphere’s API interactions are protected by role-based access control, and all data retrievals are logged and monitored in real-time. Vectorized data is encrypted, and integration with SWAIG ensures a secure environment for AI interactions.
How does SignalWire ensure secure development practices?
SignalWire adopts a DevSecOps approach where security is built into every phase of development. Static and dynamic application security testing (SAST/DAST) is regularly conducted, and our SWML resources are designed to minimize common risks, like code injection.
Platform Security Management
SignalWire’s platform secures data using advanced encryption protocols like AES for data at rest and key management systems for secure key rotation. Our engineers maintain a proactive security posture through:
Security reviews conducted before, during, and after product development
Continuous vulnerability scans and testing by independent third parties
Ongoing threat assessments and mitigation strategies
These measures ensure that SignalWire products remain resilient and secure against evolving threats
.
What responsibilities do customers have for maintaining security?
Customers play a key role in securing their applications. This includes safeguarding API keys, enforcing MFA, updating SWML configurations regularly, and monitoring access to programmable resources.
How does SignalWire respond to security incidents?
SignalWire follows a structured incident response process. If a breach or vulnerability is detected, a dedicated team initiates containment, investigation, and remediation activities. Customers are promptly notified if they are impacted.
How can I stay updated on SignalWire Dashboard, API, and service statuses?
You can monitor real-time updates and maintenance notifications on the SignalWire Status page. It provides information on system performance, outages, and scheduled maintenance to ensure you stay informed.
What is SignalWire’s uptime guarantee, and how is reliability ensured?
SignalWire’s infrastructure is designed with redundancy and failover mechanisms to ensure high availability. Our uptime SLA guarantees a minimum of 99.99% availability. With globally distributed infrastructure, real-time monitoring, and automated failover, we minimize disruptions.
How are service disruptions communicated to customers?
We proactively update customers on service interruptions through the SignalWire Status Page, email alerts, and incident reports. Customers can subscribe to notifications for real-time updates.
Are there external measurements of SignalWire's cyber security?
We maintain a strong cybersecurity program, which is reflected within our Security Scorecard.
