The data centers used for storing your content and allowing it to be delivered to your customers are certified for compliance with the ISO 27001 standard.

Your data is securely encrypted at rest within AWS S3 buckets using AES-256 encryption, enabled by default through AWS encryption services. Key management is expertly handled by AWS Key Management Service (KMS), providing robust protection against unauthorized access or tampering.

All communication between you, your services, and Prepr—including your data—travels securely over the Internet via encrypted HTTPS traffic using TLS v1.2. Additionally, data is encrypted during transit between Prepr and our Content Delivery Networks (CDNs). This ensures your information remains protected from unauthorized access or manipulation throughout its journey.

At Prepr, we believe that secure access is essential for every environment. That’s why we offer Single Sign-On (SSO) as an add-on feature on all plans, not just enterprises. SSO allows organizations to manage authentication seamlessly while enhancing security and user convenience, making it easier to maintain control over who accesses your data.

Prepr accounts are safeguarded with two-factor authentication (2FA), which requires verification through an authenticator app like Google Authenticator, Authy, or Microsoft Authenticator. Admins can easily monitor which users have enabled 2FA directly within the Prepr interface.

Your data remains on our servers for as long as you need it, governed by our Data Retention Policy. This ensure that data requiring deletion or retirement is managed securely and in full compliance with GDPR regulations.

All our data, including S3 buckets and daily database backups, is securely replicated across multiple regions using AWS S3. Backup data is encrypted at rest with AES-256 encryption.

Internet-facing applications are constantly exposed to potential attacks. To safeguard our application endpoints, we utilize a Web Application Firewall (WAF) provided by our CDN and infrastructure partners.

Prepr's audit log records key activities on all user actions, ensuring transparency and accountability. It also integrates with organization-wide audit systems for centralized monitoring and compliance.

Our infrastructure operates on Amazon Web Services (AWS), with all components deployed across multiple availability zones. This setup minimizes disruptions from potential failures, ensuring your content remains consistently accessible.

Our main infrastructure operates on TRUE, with all services deployed across three availability zones. This setup minimizes disruptions from potential failures, ensuring your content remains consistently accessible.

Our software runs in Docker containers orchestrated by Kubernetes, allowing clusters to scale automatically when system load exceeds predefined thresholds. Designed to handle high volumes of web traffic, our platform is built on a robust microservices architecture and a modern technology stack, ensuring reliability and high availability.

Our Content Delivery API traffic is powered by Fastly, our chosen content delivery network. By leveraging Fastly’s API for efficient cache population and invalidation, we ensure that even in the rare event of infrastructure issues, content continues to be served by the CDN, keeping it accessible and online.

Our APIs and web applications are safeguarded against denial-of-service (DoS) attacks through multiple layers of protection. AWS Shield and Cloudflare Protect provide robust defense against volumetric DoS attacks, ensuring high availability. Additionally, our security-focused CDN delivers application-layer DoS protection, complemented by a web application firewall for enhanced security.

Prepr actively monitors for any signs that could indicate potential incidents. To enhance this vigilance, our event-alerting tools escalate notifications to Opsgenie rotations for Prepr's incident response team. Additionally, we have a comprehensive incident response plan in place, outlining procedures for notification, escalation, management, and reporting to ensure swift and effective resolution of any incidents.

Prepr exclusively uses Stripe to process credit card payments, ensuring that no credit card or related personal information is stored on our servers. Stripe adheres to strict PCI DSS (Payment Card Industry Data Security Standard) compliance requirements, guaranteeing that all data processed on its platform is managed securely.

Prepr employees are required to use Multi-Factor Authentication (MFA) as well as a secure VPN connection for accessing critical systems. MFA is enforced across the primary services utilized by Prepr, providing an additional layer of security beyond standard passwords. This extra step ensures a higher level of identity verification.