Security - CommBox

blankWe put data security and customer privacy as our top priority.

CommBox offers enterprise-grade security capabilities that ensures full encryption on rest of sensitive information. Our bulletproof security is packed with features that offer secure transport of data as well as automatic identification and obfuscation of sensitive information, IP whitelisting, advanced data filtering, flexible deployment models (cloud, private cloud, and on-premise), and much more.


Product Security

Single sign-on (SSO) – Permits user authentication in the system without forcing them to type in additional sign-in credentials.
Additionally, within the SSO we support SAML, LDAP, and AD.
Two factor authentication (2FA) - Two-step verification and authentication process used as an extra layer of security. It will send an SMS message to the stored phone number of the user with a one-time code after password typed in to verify the user identity.
Password storage - CommBox use a password complexity standard and credentials are stored using a PBKDF2 function. PBKDF2 are key derivation functions with a sliding computational rate, used to reduce vulnerabilities to brute force attacks.
Permissions – CommBox allows permission level within the platform to be set for system admins and managers. Each agent can assign with multiple permissions such as: channels, modules, general settings, and more.
Access restriction - Access to the system can only be restricted through authorized IP addresses. Additionally, user actions can be tracked in the system.
Integration – The integration process is done in REST. The integration between CommBox and the customer is done through a unique token and HTTPS secure server.

Network & Application Security

Data Hosting and Storage – CommBox platform and data are hosted in Amazon Web Services (AWS) facilities EU (west1) in Ireland.
Recovery plan – CommBox have a well-planned recovery plan. All the information is in a formal document that we can provide by demand.
Backup - All data is stored on two separate servers (production + backups) on AWS server farm. All information is backed up on the backup server up to two weeks back. In case the production server is unavailable, the backup server is available with the entire data.
Encryption - All data traffic passed through CommBox is encrypted in transit using 256-bit encryption. Our API and application endpoints are TLS/SSL and score an “A” rating. Additionally, CommBox encrypt data at rest using an industry-standard AES-256 encryption algorithm for maximum security.

Added Security Features

GDPR compliance – CommBox complies with the EU GDPR (European Union General Data Protection Regulation) framework as set forth by the European Union regarding the collection, use, and retention of personal data from European Union member countries. CommBox has certified that it adheres to the requirements of notice, choice, onward transfer, security, data integrity, access and enforcement. Official documents are available by demand.
Privacy protection law – CommBox manage security and control measures under the Privacy Protection Law. CommBox manage a registered database. Our data base registration number: 600010836.
Confidentiality - We sign and undertake to sign every NDA (nondisclosure agreement).
All CommBox employees are signed on a general document commitment to maintaining confidentiality.
DPA - See CommBox Data Processing Agreement - DPA

Learn why customers choose CommBox for their customer communications.

Request a Demo

CommBox Recognized as Leaders and High-Performers in the CX Market by G2


Build the customer experience
you always wanted

We have rebranded blank

Thank you BumpYard. Hello CommBox

Say hello to, the intelligent customer communication center for live and automated interactions.

We’re extremely excited to announce that we have changed our company name to CommBox. It’s still the same company with the same awesome people! just a new name, a fresh look, and a brighter future.

Read full story