Overview
Every message, contact record, deal note, and attachment that moves through Voxys is encrypted in transit with TLS 1.3 and at rest with AES-256. Keys are managed in an HSM-backed KMS with regular rotation, and enterprise customers can bring their own key or pin storage to EU, GCC, or US regions. It's built for compliance, security, and procurement teams who need to sign off on a customer comms platform without writing exceptions.
- TLS 1.3 for all channel, API, and dashboard traffic
- AES-256 at rest for messages, files, and CRM records
- HSM-backed key management with automatic key rotation
- Bring-your-own-key (BYOK) on enterprise plans
- Regional data residency: EU, GCC, or US
- Field-level encryption for PII in contacts and deals
- Signed webhooks and mTLS for outbound integrations
How it works
Pick your region
Choose where conversations and CRM data live during onboarding. Enterprise customers can pin storage to EU, GCC, or US data centers.
Connect your keys
Use Voxys-managed keys by default, or bring your own KMS key on enterprise. Rotation, revocation, and audit logs run automatically.
Verify in the audit log
Every access to encrypted data is logged with actor, timestamp, and reason. Export logs to your SIEM whenever you need them.