Trust & Security
Your customers’ calls, locked down by default.
Every call, message, and recording is encrypted in transit and at rest, run on isolated tenant infrastructure, and audited against the frameworks your buyer asks about, without a paid “security tier”.
Frameworks & certifications
Audited against the standards your buyer asks about.
Defense in depth
Three independent layers, failure of one does not compromise the next.
- Layer 01
Network
A managed perimeter with WAF, rate limiting, and bot detection. SIP and WebRTC traffic terminate behind anti-DDoS with anomaly-based blocklisting.
- Layer 02
Application
Hardened service mesh with mTLS between every internal hop. Mandatory peer review, static analysis, and dependency scanning on every change. Regular third-party penetration tests.
- Layer 03
Data
Strong encryption at rest with per-tenant envelope keys and regular key rotation. Tenant data is logically isolated, no shared schemas, no cross-tenant joins.
Access & monitoring
Identity and audit trails your IT team will actually approve.
- SSO via SAML 2.0 (Okta, Azure AD, Google Workspace)
- SCIM 2.0 user + group provisioning
- Mandatory MFA, TOTP, WebAuthn, hardware keys
- Role-based access with custom permission scopes
- Tamper-evident audit log streamed to your SIEM
- Anomalous-login detection + session revocation
- Per-call access trail for recordings + transcripts
- Real-time alerts for permission + role changes
Infrastructure
Built for resilience, isolated per tenant, instrumented end-to-end.
Multi-region cloud
Deployments span multiple regions with automated failover so a single-zone outage doesn't take a customer down.
Tenant isolation
Logical isolation at the storage and queue layer, no shared schemas, no cross-tenant joins, no noisy neighbours.
Locked-down production
Engineer access requires hardware-key MFA and full session recording. Nobody, including us, touches your data without an audit trail.
Transparency
Sub-processors, disclosure, residency, published, not buried.
Sub-processor list
Live registry of every service that touches customer data, with the data class involved.
Responsible disclosure
Found something? Email info@letsdial.com, PGP key on file, prompt acknowledgment.
Data residency
Pin tenant data to US, EU, or UK, picked at provisioning, enforced at the storage layer.
FAQ
Questions buyers ask in the first call
Yes, every paid plan includes a BAA on request. Healthcare-classified workspaces additionally pin data to HIPAA-eligible infrastructure and disable any retention paths that would store PHI outside the BAA boundary.
The security review your buyer is about to send.
SOC 2, HIPAA, GDPR, sub-processor list, and a real human at info@letsdial.com.
Signed BAA · EU residency · SSO + SCIM included
