TECHNICAL AND ORGANISATIONAL SECURITY MEASURES
Access control to WOOSMAP premises and WOOSMAP employees materials
Access to the different Woosmap facilities is done through physical access control with individual RFID badges . In addition, all workstations used by Woosmap are secured through dual authentication. Access to technical environments is based on strict rules for managing roles and accreditations managed by the Ops and Security teams.
Traceability measures
Tech environments have managed and limited access list of users associated with automatic access logging files kept for a minimum of 30 days.
Software protection measures (antivirus, updates and security patches, tests, etc.)
Cloud hosting solutions providers, regarding their leading market position and visibility, implement advanced security policies. Woosmap, as client of those cloud providers, fully benefits from those security policies for its own solutions.The development workstations, our different environments and tools are updated as soon as new versions are available.Intrusion tests are carried out by an independent third party company at least once a year, or in case of a major release on our platform.
Data backup
The collected data, like a part of our environments, are saved daily on machines with the same rules of security and management as the production environments.
Data encryption
All API calls to Woosmap Platform are done using HTTPS protocol.
Control over subcontractors
We make sure that our Cloud Service Providers identified in the authorized sub-processors list guarantee us as part of their contract, alignment with our security policy on securing their services and hosting our data.We also supervise and monitor all our machines to ensure maximum visibility over platforms use and behavior.Using Cloud service providers from the market leaders, themselves subject to the compliance of the GDPR, ensures to WGS the compliance of its sub-contracted platforms.