Data Security

At MSPbots, we understand the importance of data security in today’s digital age. As an IT company with 19 years of experience, we manage data for more than 500 clients across three data centers nationwide. We have a team of extensive security experts who take security seriously to ensure that our clients’ data is protected at all times.  

What Kind of Data Does MSPbots Collect? 

As a data-driven process automation company, we collect all kinds of data from various integrations based on your API permission for the integration. This data is necessary for us to generate the dashboard and drive the bots to help you achieve your goals. 

Client-Side Controlled Security 

We provide you with complete control over your PSA’s API permission to give MSPbots access levels that you’re comfortable with. You can set up and modify these permissions as needed. 

SOC 2 Datacenter in Downtown Chicago 

MSPbots servers are located in a SOC 2 Certified Data Center in downtown Chicago, which ensures that we meet industry-standard security and availability requirements. We are planning to add new data centers in the EU and AU once we have enough clients in those areas. 

Enterprise-Grade Firewall 

Our data center is equipped with an enterprise-grade firewall with proactive intrusion prevention and an isolated network. All direct server accesses, except for ports 443 and 80, are limited, which ensures that your data is protected from external threats. 

Servers Security 

All MSPbots servers are updated weekly with the latest patches to prevent security breaches. We also use 2FA control for server access to prevent unauthorized access to our servers. 

Internal Data Control 

Only key employees in the USA who have undergone background checks have direct access to our production server. General programmers can access the development server environment, where testing data is available. 

Disaster Recovery Plan 

We have a Hot Spare duplication in place for server failover, and a Cold Backup with instant recovery that can be up and running within 10 minutes. We also have an Offsite Datacenter back in Microsoft Azure that can spin up within 30 minutes in case of a data center disaster. 

3rd Party Security Auditing 

We continuously scan and certify our servers for PCI DSS compliance, certified by Forte Payment System. This ensures that our servers meet industry-standard security requirements. 

HIPAA Compliance 

Most MSP situations don’t require storing PHI, but when we do, we ensure that it is protected with a password that MSPbots doesn’t have access to. PHI information should not be added to your PSA. 

Data Sharing 

We do not share any data with people outside MSPbots without proper authorization from the MSP who owns the data. 

Data Deletion 

MSPs have the option to delete all their data if they choose to. 

Bug Bounty Program 

We have a Bug Bounty Program that rewards white-hat hackers who identify bugs in our system. 

GDPR Data Processing Agreement 

We have a GDPR Data Processing Agreement to ensure that our clients’ data is processed in compliance with GDPR regulations. 

We take data security seriously at MSPbots, and we continuously monitor our systems to ensure that they meet industry-standard security and availability requirements. If you have any questions or concerns about our data security practices, please feel free to contact us.