Security

We ensure that your data is safe and always protected.

Redundancy, Availability, and Uptime

We strive to maintain a highly available platform with minimal outages. Using a content delivery network and redundancy within our data centres, we ensure failovers exist at multiple levels to maximise uptime.

The status of our systems can be found on our Status Page outlining system availability and any outages that may occur.


Security Testing

We aim to provide the best possible service and this requires ongoing audits of our application security. We implement periodic testing across all of our systems to continuously strengthen our services.


Physical Security

The SMSPortal servers are hosted by iomart in data centres in the UK. By using iomart we are guaranteeing that your data remains totally secure and protected. All iomart data centres are certified to ISO 9001 Quality Management System, ISO 27001 Information Security Management System standards and ISO 20000 International Standard for Service Management. More information on the iomart data centres can be found here.


System Security

We use firewalls and logical access control to protect our servers from unauthorised system access, allowing only trusted operations personnel to manage our systems. We also make sure to use strong configuration standards to harden our servers, and we keep them up-to-date with the latest security patches.


Application Security

We support strong cryptography for communication over public networks, ensuring that your password, your API secret, and the contents of your communications are always protected, as seen in the table below.

TYPE OF COMMUNICATIONSECURE PROTOCOLS USEDOTHER PROTOCOLS USED
Between customers and SMSPortal APIsHTTPS, SFTPHTTP, FTP, SMTP, SMPP
SMSPortal Control PanelHTTPS-
Between SMSPortal and carriersHTTPS, SMPP-over-SSL, SMPP-over-IPsecHTTP, SMPP, SIGTRAN

Supported Cipher Suites

TLS_AES_256_GCM_SHA384
TLS_AES_128_GCM_SHA256
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
TLS_RSA_WITH_AES_256_GCM_SHA384
TLS_RSA_WITH_AES_128_GCM_SHA256
TLS_RSA_WITH_AES_256_CBC_SHA256
TLS_RSA_WITH_AES_128_CBC_SHA256
TLS_RSA_WITH_AES_256_CBC_SHA
TLS_RSA_WITH_AES_128_CBC_SHA
TLS_RSA_WITH_3DES_EDE_CBC_SHA
TLS_RSA_WITH_NULL_SHA256
TLS_RSA_WITH_NULL_SHA
TLS_PSK_WITH_AES_256_GCM_SHA384
TLS_PSK_WITH_AES_128_GCM_SHA256
TLS_PSK_WITH_AES_256_CBC_SHA384
TLS_PSK_WITH_AES_128_CBC_SHA256
TLS_PSK_WITH_NULL_SHA384
TLS_PSK_WITH_NULL_SHA256