Security

Last Update: 03 Dec, 2025

Security at Desku

Security is a foundational principle of the Desku.io platform. It is not treated as an optional feature but as an essential requirement that governs the design, implementation, and operation of all systems within the Service.

All components of the platform, including infrastructure, software architecture, internal workflows, and operational processes, are developed and maintained to ensure the protection, confidentiality, integrity, and availability of Customer Data. Desku.io maintains security controls consistent with industry-standard practices, including those associated with Customer Data security for SaaS platforms, enterprise cloud applications, and modern AI-driven systems.

These measures support regulatory compliance and provide Customers with a secure, reliable environment for managing sensitive information.

Our Security Commitment

Desku.io is committed to implementing and maintaining security measures designed to protect Customer Data, system integrity, and operational continuity. The platform is developed in accordance with industry-recognized security practices to ensure that safeguards are applied across all layers of the Service, including infrastructure, application components, access controls, and internal operational processes.

This commitment is intended to provide organizations and their support teams with a secure environment for handling sensitive information and conducting Customer Support activities in a manner that aligns with applicable regulatory, contractual, and organizational requirements.

Key Definitions

“Customer”

A business entity, organization, or authorized individual who accesses or uses the Service. The person creating the account represents that they have authority to bind the Customer.

“Customer Data”

Any data submitted, transmitted, stored, or generated by Customers or their End-Users through use of the Service.

“Documentation”

All written or digital instructions, help articles, onboarding guides, product descriptions, and technical materials provided by Desku.

“Processing”

Any operation performed on Personal Data, whether or not by automated means. Examples include collection, recording, organization, structuring, storage, adaptation, retrieval, consultation, transmission, dissemination, restriction, erasure, or destruction.

“Service”

The Desku.io platform and all associated tools, features, and interfaces, including HelpDesk services, Live Chat, OmniChannel messaging, AI functionality, automation tools, analytics, integrations, and administrative components.

Infrastructure & Hosting Security

The Desku.io platform is hosted on industry-leading cloud infrastructure designed to provide stability, resilience, and consistent security protections. The hosting environment includes the following controls:

Deployment on a trusted enterprise cloud provider (AWS or Google Cloud).

Operation within a SOC 1 / SOC 2–certified environment, ensuring adherence to established operational and security standards.

Geographic redundancy to support Service continuity and minimize the risk of downtime.

Network-level protections, including firewalls, web application firewalls (WAF), and logically isolated network segments to restrict and control inbound and internal traffic.

These measures provide a secure and reliable operational foundation for the platform and support its ability to operate at scale.

Data Encryption

Desku.io applies encryption controls to protect Customer Data during transmission and while stored within the platform’s environment. These controls include:

Encryption in transit using TLS 1.2 or higher for all communications between clients, servers, and integrated services.

Encryption at rest using AES-256 or equivalent industry-standard mechanisms.

Secure API communication protocols applied to all integration points to ensure the confidentiality and integrity of data exchanged with external systems.

These measures constitute a layered encryption strategy designed to prevent unauthorized access and ensure that no unprotected data is transmitted or stored within the platform.

Application Security

Desku.io is developed and maintained in accordance with security-focused engineering standards and ongoing monitoring practices. The platform incorporates the following controls:

Adoption of secure coding standards throughout the software development lifecycle.

Continuous vulnerability scanning and automated alerting mechanisms to identify and address potential security issues.

Bot protection measures designed to prevent automated abuse and unauthorized automated activity.

Real-time threat and misuse detection to identify anomalous or suspicious behavior within the application environment.

These controls support strong Customer Data protection and reduce exposure to evolving security threats, helping organizations maintain a secure operational posture when using the platform.

Authentication & Access Controls

Desku.io implements multiple layers of authentication and authorization controls to ensure that access to Customer Data and system resources is appropriately restricted. The platform includes:

Two-Factor Authentication (2FA) to provide an additional layer of identity verification.

Single Sign-On (SSO) and OAuth-based authentication to support secure and centralized access management.

Role-Based Access Control (RBAC) to regulate user permissions based on defined roles and operational requirements.

IP allow-listing (where available) to limit access to approved network locations.

These controls assist organizations in enforcing internal security policies and maintaining appropriate access governance across user accounts and operational teams.

AI & Data Usage Transparency

Desku.io applies clear and transparent data-handling practices in relation to its AI-driven features. The platform limits the use, Processing, and retention of Customer Data to what is required for the execution of tasks within each Customer’s workspace. Specifically:

Data Utilized:

Only the data necessary to generate AI-assisted outputs or to complete tasks initiated within the Customer’s workspace is processed.

Data Not Stored or Used for Model Training:

Data is not retained or used for model improvement outside the Customer’s own tenant environment.

Customer messages and user-generated content are not used to train shared or generalized AI models.

Sensitive information is not stored beyond the duration required for task execution.

Tenant Data Isolation:

Each Customer workspace operates within an isolated environment to prevent cross-tenant data access or exposure.

These practices are intended to provide transparency and support compliance evaluations conducted by security, privacy, and governance teams.

Compliance & Certifications

Desku.io implements security and data protection controls designed to align with major global regulatory and compliance frameworks. These include:

General Data Protection Regulation (GDPR): Measures supporting compliance with EU data protection requirements.

California Consumer Privacy Act (CCPA): Support for rights and obligations applicable to California-based Users.

SOC 2–aligned internal controls: Adoption of security and operational practices consistent with SOC 2 principles (where applicable).

Standard Contractual Clauses (SCCs): Mechanisms to support lawful cross-border data transfers.

These frameworks assist organizations in meeting legal, operational, and governance obligations when using the Desku.io platform.

Incident Response

Desku.io maintains procedures for identifying, assessing, and responding to potential security incidents that may affect the platform or Customer Data. These procedures include:

24/7 system monitoring to detect anomalous activity or indicators of compromise.

Documented incident escalation processes outlining the steps taken to investigate, contain, and remediate identified issues.

Defined incident notification practices to ensure affected Customers are informed within appropriate timelines, consistent with contractual, regulatory, or legal requirements.

Penetration Testing & Audits

Desku.io conducts ongoing evaluations of its security posture through independent testing and structured review processes, including:

Routine external penetration testing performed by qualified third-party security professionals.

Independent security assessments designed to identify potential vulnerabilities and verify the effectiveness of implemented controls.

A vulnerability disclosure program that enables responsible reporting of potential security issues by external parties.

These activities support continual improvement of the platform’s security controls and help ensure that protections remain aligned with evolving threat landscapes and industry best practices.

Data Backups & Availability

Desku.io implements measures designed to maintain data integrity and support the continuity of platform operations. These measures include:

Automated and securely stored backups to protect against data loss and support recovery procedures.

Redundant infrastructure across multiple geographic regions to enhance Service availability and minimize the impact of localized disruptions.

Maintenance processes designed to achieve zero or minimal downtime, ensuring that essential platform functions remain accessible whenever possible.

These controls are intended to provide consistent Service availability and support uninterrupted Customer Support operations.

Contact Our Security Team

For security-related inquiries, or to request Documentation required for procurement processes, vendor due diligence, or compliance reviews, organizations may contact the Desku.io Security Team at support@desku.io. A member of the team will provide assistance and any relevant information needed to support your evaluation or governance requirements.