fuze formerly thinkingphones Schedule a demo

At Fuze, information security and the safeguarding of our customers data are at the forefront of our operational and development processes.

In addition to annual required Information Security Training for all Fuze employees and contractors, Fuze:

  • Completes background

    Completes background checks on all Fuze employees and contractors.

  • Security Officer and team of Security Analysts

    Maintains a dedicated Security Officer and team of Security Analysts to provide oversight, auditing, and compliance activities.

  • Strong physical security

    Relies on Tier III, audited, and certified data center providers with the highest levels of operational excellence to ensure strong physical security of all Fuze data center assets.

  • Maintins multiple levels of network security

    Implements and maintains multiple levels of network security, including firewalls, intrusion detection and prevention systems (IPS), and DDoS mitigation solutions.

  • Routine internal audits

    Performs annual audit activities, through an independent firm, on all IT security and operational controls, ensuring SSAE16 SOC2 Type II and HIPAA compliance for all Fuze systems. Security controls are also audited against ISO27001 Annex A standards.

  • Scan assets

    Security team performs weekly internal vulnerability scans of all Fuze assets and meets with operations weekly to address all critical vulnerabilities in a timely manner.

  • Automated source code scanning

    Employs automated source-code scanning on a regular basis to minimize the risk of vulnerabilities that may be introduced early in the development/deployment lifecycle.

  • External security vendors

    Engages with external security vendors at least annually to perform advanced penetration testing on our network, servers, and applications.

  • Protect malicious access

    All Fuze employee computers utilize anti-virus software, regimented patch management, and full disk encryption software to further protect malicious access to corporate or customer data.

  • SOC 1
    SOC 1 (Type Ⅱ)
  • SOC 2
    SOC 2 (Type Ⅱ)
  • HIPAA Health Insurance Portability and Accountability Act
    HIPAA Health Insurance Portability and Accountability Act
  • ISO27001 Annex A
    ISO27001 Annex A
  • CSA Star

Responsible Disclosure:

Fuze understands the important role that security researchers play in keeping our systems and software secure. In the event that you discover a vulnerability in a Fuze product, please review our guidelines below for responsible disclosure and contact us immediately at responsible-disclosure@fuze.com. Fuze will respond to all inquiries within 24 hours, and will continue to follow up with the individual to inform them of estimated time to resolution, and again when the vulnerability has been addressed.

Responsible Disclosure Guidelines:

  • Please include a detailed description of the identified discovery with specific testing information and/or reproducible steps which outline the finding in detail.
  • Do not publish the details of the issue in any public or private forum.
  • Do not share the details of the vulnerability with others until Fuze has had the opportunity to resolve the vulnerability.
  • Fuze will publicly thank the individual researcher who responsibly submits a finding, when requested.
  • Your testing must not violate any law, or damage, delete, or corrupt any data which you do not own.
  • Please do not perform any activities which may negatively impact the Fuze platform and/or users, such as Brute Force or Denial of Service attacks.
SOC 1
Fuze sales - Request contact
Fuze in Action - Schedule a demo
Referral Partner Program Guide
Schedule a demo