Enterprise Security.
Compliance-Ready.
No Drama.

Security teams don’t have time to babysit yet another tool. Broadcast is designed to fit inside enterprise security standards: integrations into leading SSO providers, SOC 2/Type 2 certified, a Google Cloud Partner, AES-256 bit encryption and VPAT-compliance.

Why Security Teams Love Broadcast

In addition to compliance, we've highlighted just some of the security measures used throughout Broadcast. From data security to application security, it's easy to see why some of the biggest companies in the world trust their communication to Broadcast.

Compliance
Built for Your Peace of Mind

GDPR
Broadcast supports GDPR-aligned data protection practices through strong security controls, access governance, and data handling procedures.

CCPA / CPRA
Broadcast supports customer obligations under CCPA and CPRA by enabling visibility, control, and secure handling of personal information.

VPAT and Accessibility
VPAT documentation is available upon request, and accessibility considerations are incorporated into product design and testing workflows, with ongoing efforts to align with applicable WCAG accessibility standards.

Broadcast is GDPR, CCPA and VPAT-compliance.

Data Security
Encrypted in Transit

All data in transit is protected using modern TLS (1.2+). That means traffic between users, systems, and Broadcast is encrypted end-to-end to reduce interception risk.

Full governance
TLS 1.2+ for data in transit
Full governance
HSTS to enforce HTTPS across domains/subdomains
Broadcast encrypts all data in transit using AES-256.

Data Security
Encrypted at Rest

Stored data is encrypted at rest using AES-256. Sensitive values can receive additional encryption protection using separate keys (out-of-band keying model).

Full governance
AES-256 at rest
Full governance
Additional encryption for sensitive fields (AES-256-GCM with separate key handling)
Broadcast encrypts all data at rest.

Data Security
Backup and Restore

Production data is continuously backed up to encrypted storage and supports restoration to specific points in time along a stream of database changes.

Full governance
Encrypted backups with point-in-time recovery
Full governance
Production data protected against loss and corruption
Broadcast uses point-in-time back and restore procedures.

Application Security
Single-Sign-On (SSO)

Broadcast supports all major SSO providers. Authentication is delegated to the customer’s identity provider, allowing existing security controls to remain authoritative. Supports SAML-based SSO with common identity providers (e.g. Okta, Azure AD, Google Workspace)

Full governance
Centralized authentication via customer identity provider
Full governance
Supports MFA and existing access policies through SSO
Cerkl requires background checks, training and most restrictive access controls for all employees.

Application Security
Peer Review + Automated Security Scanning

Production code changes require peer review and must pass automated testing, including OWASP Top 10 scanning, vulnerability scanning, and dependency scanning.

Broadcast application security employs strict roles and permissions.

Application Security
Role-Based Access Controls + Reviewable Changes

Access to production systems and internal tooling is determined by role and responsibility. Access is logged, audited, and changes require review before implementation.

All Broadcast application changes go through an extensive review process.

Device Security
Strong Security Controls

Work devices are centrally managed, fully encrypted, protected with endpoint security controls, and required to stay up-to-date. Access to internal tools is protected with SSO and MFA.

Full governance
SSO + MFA required for internal tooling
Full governance
Real-time malware detection
Cerkl employees strict device control procedures including SSO and MFA.
Two internal communicators raving about their internal email analytics through Broadcast.

Our security review was straightforward thanks to Cerkl's SOC2/Type 2 attestation: encryption, access controls, and operational practices were clear, and the implementation didn’t require heroics from IT or Security.

- Tom D., Vendor Security, Fortune 200 Technology Services Firm

Where to next?

Let's discuss your environment

Schedule a Chat
IT thanking internal communicators for selecting Cerkl Broadcast.

Learn more about our launch process

Learn More
Internal communicators monitoring the launch of their Broadcast instance.