Overview of Wooxy Security Processes
1. Overview
Wooxy takes reasonable precautions to protect Customer Data from loss, misuse and unauthorized access, disclosure, alteration, and destruction.
2. Infrastructure Security
We use Amazon AWS, DigitalOcean and LeaseWeb as hosting service providers which apply heavy cyber security measures and comply to highest data protection standards:
Amazon Web Services: https://aws.amazon.com/compliance/
Digital ocean: https://www.digitalocean.com/security/compliance/
Intercom: https://www.intercom.com/security
CloudFlare: https://www.cloudflare.com/compliance/
3. Access Logging
Systems controlling the management network at Wooxy log to our centralized logging environment to allow performance and security monitoring. Our logging includes system actions as well as the logins and commands issued by our employees in compliance with PCI standards.
4. Security Monitoring
Wooxy team utilizes monitoring and analytics capabilities to identify potentially malicious activity within our infrastructure. User and system behaviors are monitored for suspicious activity, and investigations are performed following our incident reporting and response procedures.
To ensure the continuous integrity of critical system files, application configuration files, and application logs Wooxy has in place file integrity monitoring and log analysis solutions to detect any unauthorized modifications to their system components – files, registry, services, processes and critical system files.
5. Secure Network Architecture
With layer 3 network separation as standard, and using VPN for private networking, our basis for security starts with inherent and proven protection of your data and assets. Interoute complements its in-built platform security with enterprise-grade protection and access management.
Every Wooxy services component is protected by either one or more security groups which contains sets of firewall rules that specify which type of network traffic should be delivered to that particular service. By default, the firewall operates in a deny-all mode and only specific IPs are allowed to connect through open ports.
From customer located to data centre hosted devices & resilient cloud-based virtual firewalls, for use with Interoute Internet access, VPN and Hosting services.
Firewall services will help you tackle threats such as data loss through file transfers, operational impact caused by malware attacks, expense incurred through inefficient use of bandwidth, and compliance failure.
6. Secure HTTPS Access Points
For greater communication security when accessing Wooxy, we automatically switch to HTTPS protocol instead of using HTTP for data transmissions. HTTPS uses the SSL/TLS protocol, which uses public-key cryptography to prevent eavesdropping, tampering, and forgery.
Also to make a data transmission customer need to send Access Keys Digitally signed requests to Wooxy REST API. You use Access Keys, which include an access key ID and a secret access key, to digitally sign programmatic requests that you make to Wooxy.
7. Encrypted Sensitive Data
Encryption is used creating backups and snapshots. Wooxy uses encryption by default to provide additional protection for your data at rest.
8. Employee Access
The security and data integrity of customer DataBases is of the utmost importance at Wooxy. As a result, neither technical nor customer support staff have access to the backend virtual servers, databases, nor access to the NAS/SAN storage systems where backup images reside. Only select engineering team have direct access to the databases based on their role. By design, customer support can’t dump/create screenshots of customer’s data (email database, etc) as no visual access allowed. All the sensitive data is blurred in the admin panel.