Explore our privacy and security safety measures
When you use Mirro, we know you are trusting us with one of your most valuable assets: private data. So we take all the necessary steps to protect it as we operate our service.
Here’s how we do it.
It’s all in the cloud
Like many Fortune 500 companies, startups, and governments, we use Microsoft Azure’s cloud computing platform.
Because we can rely on their industry-leading privacy policies, compliance programs, and security measures, they’re our vetted provider in the cloud ecosystem.
How we keep your data safe and secure
No unauthorized access to your data
Your safety is always on our minds. That’s why we take several organizational and technical measures to protect your data.
Here are a few of them:
Virtual access control: From user identification and authentication procedures to password safety procedures or automatic bans, we have them all in place for you at Mirro.
Physical access control: As you might expect, we protect our office space with security personnel and surveillance systems. Our teams use card keys for doors and have restricted access throughout the building. Also, our equipment security standards are high.
Comms control systems: Our internal communication flows are encrypted and routed through secure VPN tunnels. Because of this, they can’t be intercepted or accessed by malicious third-parties.
Our access to your data is not a given
At Mirro, you have full ownership of your data. Our guarantee is that we’re keeping it safe for you, stored in Western Europe using Microsoft’s Azure infrastructure.
Few people inside Mirro can access your data, which is limited to fulfilling contractual obligations in a secure manner. For example, our Customer Support team can do so, but only to reply to your inquiries. And if you ever need some debugging, our Tech Support team operates with full action traceability.
To make things extra safe, anyone at Mirro with data access privileges undergoes a background check and has a confidentiality agreement in place.
Back-ups are the norm
Microsoft Azure powers our back-ups on a schedule:
Full back-ups: weekly
Differential back-ups: twice daily
Action logs: every 5 minutes
We’re happy to report all of them are protected by AES 256-bit encryption.
It’s all HTTPS
Whenever you connect to Mirro, your data is secure. One of the reasons for this is that we use an HTTPS connection. If you want to get technical, we support TLS version 1.2 and 1.3.
But it’s not just that. We limit the duration of Mirro sessions for admin accounts to one hour, and our account access tokens are not transferable.
Strong passwords are mandatory
We take good care of your Mirro password. Keeping it in clear text is an absolute no-no for us, so we hash and salt it. Because we use bcrypt, it’s resistant to brute-force search attacks.
We also have strict requirements in place for the length and complexity of passwords. And since we monitor our platform at all times, accounts are automatically deactivated if the wrong password has been inserted one too many times.
We meet rigorous requirements
Our backbone, Microsoft Azure, is the cloud platform leading the industry with over 90 compliance offerings.
Mirro is GDPR-compliant. We meet European regulations, as no data is transferred outside the European Union.
Our people also go through regular GDPR training, so our collection and use of information are on point.
Snoop on our tech to see how we’re bulding our
radically simple performance management solution!