Global Relay

Global Relay

Search the Trust Center...
Ctrl +K

Global Relay | Trust Center

Everything you need to complete your security review is here. Browse documents, certifications, and compliance details with confidence. Our Trust Center is regularly updated to reflect the latest audit results, and subprocessor disclosures.

Quick links


Badges

soc2-type-2
SOC 2 Type II
iso-27001
ISO 27001
gdpr
GDPR
ccpa
CCPA

Our Philosophy

Global Relay is committed to safeguarding the confidentiality, integrity, and availability of customer data. We align our security program with ISO 27001 and SOC 2 standards. Our security strategy is closely tied to customer needs, contractual and legal requirements, and our business goals.

As part of our security program, we aim to:

  • Identify, assess, and contain risks
  • Build credibility and trust with and customers and partners
  • Deliver secure, reliable services that meet the stringent requirements of regulated industries like finance, insurance, and government
  • Provide appropriate awareness of information security within Global Relay
  • Continually improve security by reviewing and acting on customer feedback, audit results, test results, and other sources of information

Our defense in depth measures include physical security, intrusion detection and prevention, redundant systems, data encryption, software security testing, 24x7 monitoring, and well-trained employees.

Laurence Lafond

Chief Information Security Officer

Coming Soon


Quick Summary

Has a formal mobile device management (MDM) program

Deletes customer data on request

Uses a centralized IAM solution (SSO) to manage employee access


Documents & Knowledge Base FAQs


Announcements

New SOC 2 Reports

Global Relay SOC 2 reports for the period May 1, 2024, to April 30, 2025, are now available on the trust portal.


SharePoint Vulnerability

Global Relay does not use SharePoint and hence we are unaffected by this incident.


CrowdStrike Outage

Global Relay is closely following the ongoing worldwide outage situation caused by an issue with CrowdStrike cybersecurity software. We are not currently experiencing any impact to Global Relay services and will keep customers up to date if circumstances change.


Snowflake Targeted Campaign

Global Relay is aware of the cyberattack campaign targeting Snowflake customer accounts. Global Relay does not use Snowflake and isn't exposed to this campaign.


Ivanti Vulnerabilities

Global Relay is aware of CVE-2023-46805 and CVE-2024-21887, vulnerabilities affecting Ivanti Connect Secure and Ivanti Policy Secure. Global Relay doesn't use these Ivanti products and isn't affected by these vulnerabilities.


Updated Certificate of Insurance

An updated certificate of insurance (COI) is now available on the trust portal. The new COI covers the period October 27, 2023 to October 27, 2024.


2023 Business Continuity Exercise

The 2023 business continuity exercise was conducted on October 4, 2023. A summary is now available on the trust portal.


Confluence Data Center and Server Vulnerability

Global Relay is aware of CVE-2023-22515, a broken access control vulnerability in Confluence Data Center and Server. Global Relay isn't affected by this vulnerability.


WS_FTP Server Vulnerabilities

Global Relay is aware of recently discovered vulnerabilities in WS_FTP Server (CVE-2023-42657 and CVE-2023-40044). Global Relay doesn't use WS_FTP Server and isn't affected by these vulnerabilities.


2023 Penetration Test Report Available

The 2023 independent penetration test report is now available in the trust portal.


Barracuda Email Security Gateway Vulnerability

Global Relay is aware of CVE-2023-2868, a remote command injection vulnerability in the Barracuda Email Security Gateway appliance. Global Relay doesn't use Barracuda Email Security Gateway and isn't affected by this vulnerability.


New SOC 2 Reports Available

Global Relay SOC 2 reports for the period May 1, 2022 to April 30, 2023 are now available on the trust portal.


Citrix ADC and Gateway Vulnerabilities

Global Relay is aware of CVE-2023-3519, CVE-2023-3466, and CVE-2023-3467. We don't use Citrix NetScaler ADC or Gateway products and aren't affected by these vulnerabilities.


MOVEit Transfer Vulnerability

Global Relay is aware of CVE-2023-35708, a privilege escalation vulnerability in Progress Software's MOVEit Transfer product. Global Relay doesn't use MOVEit Transfer and is not affected by this vulnerability.



What we offer

Global Relay Archive

Global Relay Archive is a SaaS solution for archiving, surveillance, and eDiscovery of ecomms, voice, files, and trade data. Configurable workspaces and workflows put data in the hands of the right people—from compliance officers, to legal counsel, to an employee looking for a critical email.

Typical data access: Corporate communications (e.g. email, IM, social media, text messaging), corporate files (e.g. email attachments, Google Drive files), trade tickets (e.g. Refinitiv FX tickets), basic employee information (e.g. name, corporate email address, department)

Global Relay App

Global Relay App is a multi-channel messaging solution for compliant communications. Supported messaging channels include text (SMS/MMS), WhatsApp, voice calls, and instant messaging. All messages are preserved in Global Relay Archive for surveillance and eDiscovery.

Typical data access: Corporate communications (e.g. text messaging, voice calls, WhatsApp messages, attachments), basic employee information (e.g. name, corporate email address, business phone number)

Powered by Conveyor, the first end-to-end customer trust platform.
Learn more