The following information is provided as a guide for our client’s data security requirements.
Additional detailed project specific information is provided during development and implementation.
WMAD Does not store any data from the clients host site.
No Data will be stored. We are going to have membership registration on Users approval.
WMAD maintains documented policies and procedures including (but not limited to)
Yes a detailed security risk register is maintained and tracked.
Yes we have dedicated servers where your site will be hosted in the High Security Data Center of AWS hosted in Australia.
We have daily malware security checks. Server network firewalls are also installed. A dedicated server team monitor server 24/7
We use 3 Tier architecture to built into this platform. All data i.e. Login, Registration, Shopping cart, Member Panel are encrypted. Each process is encrypted. The code is highly secure
All passwords are Encrypted
All users have a unique identifier their own use so that activities can be traced to the Individual responsible user.
We do manage system/user activity. We have an inhouse system built to maintain these records. Each user has a dedicated desktop to work on the Rewards platform. All data is been stored in log files which also record all daily activity
We are using the AWS Network – Sydney Data Centre and dedicated servers. All networks are restricted to only one user. Firewalls have been installed to protect the network
We have it installed on a dedicated AWS server. We have Multiple firewalls, Two-factor authentication software, ICAM software and three-factor authentication. We have a log management system with multiple alerts to provide complete defence.
All applications are reviewed and tested on each change before implementation into the live Environment.
Access is restricted to the minimum of users. All programs and systems have user restrictions. A daily auto back up and log files are maintained.
We have a test Environment where the Rewards Platform is tested before going live. This environment is restricted to the WMAD team only.
We perform Vulnerability Assessment and Penetration Testing (VAPT) on a regular schedule.
When an incident is reported or assigned to the IT Security team, the team performs a detailed 3. incident analysis and risk assessment. Incident Categories are Unauthorised Access, Denial of 4. Service, Malicious Code, Data Leakage, Improper Usage, Investigation. Each incident is given to 5. the Team to take resolve based on the priority of the incident.
We have a stand by team and our platform is tested and reviewed daily.
We have email notification and an SMS is sent to our team if any security breach has occurred outside of business hours. The team work 24/7 on the dedicated server so team handles the issue immediately if there is an attempt to breach data security.
AWS security and malware scanning is performed on a regular basis and logs generated.
All data communication is encrypted
No. As we don’t provide any access to any parties outside of WMAD. All code is secure and protected which is accessed through only our dedicated IP location.
All data is hosted in Australia in the AWS Data Centre
There is no Control panels. Access is only through the dedicated IP address of the IT team. The server is scanned and protected by AWS security measures.
The system is hosted remotely accessed with only the one dedicated IP address of the IT Team.