Security at

Pepper coordinates meetings between multiple participants in a confidential manner, without sharing calendars.

  • Regular security assessments
    Security assessment performed for the web application, API services and cloud infrastructure by external auditor.
  • Data encryption in transit and at rest
    Data in transit is encrypted via SSL. Data at rest is stored on the encrypted AWS instances.
  • User authentication
    User authentication performed via oAuth protocol via Google and Microsoft e-mail providers. You can additionally protect your Google or Microsoft accounts with MFA.
  • Infrastructure hosted on AWS, residing in a virtual private cloud (VPC)
    The entire infrastructure is hosted on our infrastructure partner, Amazon Web Services (AWS). AWS utilizes state of the art electronic surveillance and multi-factor access control systems. The data centers are staffed 24×7 by trained security guards. The infrastructure resides in a VPC, thus limiting access.
  • Audit logging on all database interactions provides admins with a detailed trail of account activity. System and user access to the infrastructure are logged and stored.
  • Internal security policy
    All employees, contractors and agents with access to your information received extra trainings with guidance about email security, passwords, two-factor authentication, device encryption, and VPNs.