This article explains how Shipber and you (the customer) share responsibility for security, privacy, and compliance across the Shipber cloud. It complements the Shipber Services Agreement and the Data Processing Addendum (DPA). This is product guidance, not a contract. Contractual obligations remain governed by the Shipber Services Agreement and the DPA.
What Shipber secures
- Cloud infrastructure and platform — Security “of” the cloud: hosting environment, network perimeter, load balancing, and underlying systems we control.
- Application security — Secure SDLC, code review, dependency scanning, and regular penetration testing for Shipber-managed components.
- Encryption — TLS for data in transit; encryption at rest for customer data stored by Shipber.
- Secrets and key handling — Secure storage and rotation of service credentials we generate and manage for the platform.
- Shipber workforce access — Least-privilege access, strong MFA, and just-in-time controls for Shipber personnel.
- Backups and service continuity — Regular backups, tested restore procedures, and resiliency measures to meet our availability targets.
- Vulnerability and patch management — Continuous monitoring, patching, and risk-based remediation of Shipber-managed systems.
- Logging and detection — Centralized logging for security-relevant events, alerting, and abuse detection on the platform.
- Security incident response — Triage, containment, investigation, and customer notification per our Security Incident Management guideline and the DPA.
- Subprocessor oversight — Vendor due diligence, security and privacy reviews, and contractual safeguards for approved subprocessors.
- Compliance program — Policies, training, and externally attested controls aligned to common standards; details are published in our trust materials.
- Product guardrails — In-product controls (for example: role-based access, audit logs, API rate limits, webhook signing) and secure defaults.
What you secure
- Identity and access — Your SSO/MFA settings, password policy, SCIM provisioning, role assignments, and periodic access reviews.
- Tenant configuration — Organization settings, allowed domains, session timeouts, IP allow lists, and other security options in the admin UI.
- Data governance — What data you upload, lawful basis and notices, retention choices, and redaction/pseudonymization as needed.
- Endpoint and network hygiene — Your devices, browsers, local networks, and email security (phishing protection, DMARC, etc.).
- Admin processes — Joiner-mover-leaver/offboarding, change management, and approvals for elevated privileges.
- API & webhook secrets — Storage, rotation, and usage of your API keys, signing secrets, and OAuth client credentials.
- Marketplace apps you install — Vetting, approvals, scopes granted, data flows enabled, and ongoing review of third-party apps.
- Integrations & custom code — Secure development, secret handling, and monitoring for any scripts, middleware, or iPaaS you operate.
- Carrier accounts and credentials — Provisioning, rotation, and compliance with carrier terms for accounts you connect to Shipber.
- Your business continuity — Local exports, playbooks, and contingencies specific to your operations.
Shared responsibilities (by area)
-
Marketplace apps & integrations
- You: decide which apps to install; grant minimum required scopes only; review vendor security/privacy; periodically re-authorize or remove unused apps; monitor activity and revoke access when no longer required.
- You (periodic review): run a quarterly permissions review with app owners; compare granted scopes vs. actual use; remove stale webhooks/credentials.
- Shipber: provide an integration framework, OAuth scopes, webhook signing, logs where available, and the ability to disable apps that violate policies.
- Third-party vendors (apps/connectors/carriers): operate under their own terms and privacy notices. Their obligations are not assumed by Shipber.
-
APIs and webhooks
- You: protect and rotate API keys; secure webhook endpoints (TLS, auth, replay protection); handle retries idempotently.
- Shipber: enforce TLS, authentication, rate limits, event signing, and provide developer documentation and sandbox resources.
-
Data retention and deletion
- You: choose retention settings, delete data you no longer need, and request deletion per your policies.
- Shipber: expose admin controls and APIs; perform secure deletion upon request/contract end; manage backups with lifecycle controls.
-
Incident management
- You: promptly report suspected account compromise or exposed credentials; cooperate in response and remediation.
- Shipber: investigate and notify per our Security Incident Management guideline and the DPA; share indicators and recommended actions.
-
Continuity and recovery
- You: maintain operational playbooks (for example, alternative workflows if an integration is down).
- Shipber: maintain platform-level backup/restore and service resiliency.
Carrier accounts and external services
- You own the credentials and terms for any carrier or external service you connect.
- Shipber transmits and stores such credentials securely and uses them only to provide the features you enable.
- If we detect misuse, invalid credentials, or material risk, Shipber may temporarily suspend a connection to protect your data and the platform; you will be notified with next steps.
- Carriers and external services determine their own security, data handling, and adjustments under their contracts with you.
Quick admin checklist
- Enforce SSO and MFA for all admins; prefer SCIM for provisioning.
- Assign least-privilege roles and review access quarterly.
- Review installed marketplace apps and audit granted scopes.
- Rotate API keys and webhook secrets; enable IP allow lists where available.
- Configure retention and deletion; test a sample deletion workflow.
- Monitor audit logs and set alerts for sensitive actions.
- Offboard users promptly and revoke stale tokens.
- Validate carrier/integration credentials on a schedule; remove unused connections.
- Ensure your Security Contact and Admins enable relevant notification subscriptions; verify email deliverability; choose channels (in-product or email).
Related reading
- Security Incident Management (how we triage, contain, and notify)
- Data Processing Addendum (roles, instructions, deletion/return, subprocessors, and audits)
- Shipber Services Agreement (commercial terms, limitations, dispute resolution)
Comments
0 comments
Article is closed for comments.