TECHNICAL AND ORGANISATIONAL SECURITY MEASURES

Access control to WGS premises and WGS employees materials

Access to the different WGS facilities is done through physical access control with individual RFID badges . In addition, all workstations used by WGS are secured through dual authentication. Access to technical environments is based on strict rules for managing roles and accreditations managed by the Ops and Security teams.

Traceability measures

Tech environments have managed and limited access list of users associated with automatic access logging files kept for a minimum of 30 days.

Software protection measures (antivirus, updates and security patches, tests, etc.)

Cloud hosting solutions providers, regarding their leading market position and visibility, implement advanced security policies. WGS, as client of those cloud providers, fully benefits from those security policies for its own solutions.The development workstations, our different environments and tools are updated as soon as new versions are available.Intrusion tests are carried out by an independent third party company at least once a year, or in case of a major release on our platform.

Data backup

The collected data, like a part of our environments, are saved daily on machines with the same rules of security and management as the production environments.

Data encryption

All API calls to Woosmap Platform are done using HTTPS protocol.

Control over subcontractors

We make sure that our Cloud Service Providers identified in the authorized sub-processors list guarantee us as part of their contract, alignment with our security policy on securing their services and hosting our data.We also supervise and monitor all our machines to ensure maximum visibility over platforms use and behavior.Using Cloud service providers from the market leaders, themselves subject to the compliance of the GDPR, ensures to WGS the compliance of its sub-contracted platforms.