RiskWatch

Your Data is Safe

User Security

RiskWatch takes customer privacy very seriously and makes every effort to protect our users’ data. Regulations like GDPR require certain standards to ensure the protection of personal data. RiskWatch extends a GDPR-level of privacy protection to all its worldwide customers.
RiskWatch collects data in two ways.
1. Upon subscribing to the software service via the RiskWatch.com website or through a sales representative, the information collected is an email address and a payment card number. These are processed through the payment logistics company Stripe. Stripe is a European company that is very cognizant of strict privacy regulations. They describe their data protection standards as follows:
“Stripe’s services in Europe are provided by a Stripe affiliate—Stripe Payments Europe Limited (“Stripe Payments Europe”)—an entity located in Ireland. In providing Stripe Services, Stripe Payments Europe transfers personal data to Stripe, Inc. in the US. To ensure the adequate protection of personal data, we have certified to the EU-U.S. and Swiss-U.S. Privacy Shield Framework. Our Privacy Shield Policy is available here.”
“In addition to Privacy Shield, Stripe continues to employ additional compliance measures to ensure an adequate level of protection of personal data transferred outside the European Economic Area.”
“Stripe forces HTTPS for all services using TLS (SSL), including our public website and the Dashboard. Stripe.js is served only over TLS. Stripe’s official libraries connect to Stripe’s servers over TLS and verify TLS certificates on each connection. We regularly audit the details of our implementation: the certificates we serve, the certificate authorities we use, and the ciphers we support. We use HSTS to ensure browsers interact with Stripe only over HTTPS. Stripe is also on the HSTS preloaded lists for both Google Chrome and Mozilla Firefox.”
“All card numbers are encrypted on disk with AES-256. Decryption keys are stored on separate machines. None of Stripe’s internal servers and daemons are able to obtain plaintext card numbers; instead, they can just request that cards be sent to a service provider on a static whitelist. Stripe’s infrastructure for storing, decrypting, and transmitting card numbers runs in separate hosting infrastructure, and doesn’t share any credentials with Stripe’s primary services (API, website, etc.).”
“Stripe has two PGP keys to encrypt your communications with Stripe or verify signed messages you receive from Stripe.”
2. Subscribers create user accounts within RiskWatch software. Minimal personal information is stored, which at a minimum includes login credentials to the software, first and last name, email address, and role. Optional information may include phone number and job title. The RiskWatch software web interface uses HTTPS, and all transfers of data to RiskWatch’s data centers are made using TLS and AES256 encryption.

Data & Network Security

Data is stored in encrypted form (AES256) at AWS data centers which are fully GDPR compliant.

They state:

“AWS Compliance, Data Protection, and Security experts have been working with customers across the world to answer their questions and help them prepare for running workloads in the cloud after the GDPR comes into effect. These teams have also been reviewing everything that AWS already does to ensure it complies with the requirements of the GDPR”.
“The GDPR provides for the approval of codes of conduct to help controllers and processors demonstrate compliance and best practice. One such code awaiting official approval is the CISPE Code of Conduct for Cloud Infrastructure Service Providers (the “Code”). The Code gives customers comfort that their cloud provider uses appropriate data protection standards, which are consistent with the GDPR.”
“On 13 February 2017, AWS declared that Amazon Elastic Compute Cloud (Amazon EC2), Amazon Simple Storage Service (Amazon S3), Amazon Relational Database Service (Amazon RDS), AWS Identity and Access Management (IAM), AWS CloudTrail, and Amazon Elastic Block Store (Amazon EBS) are fully compliant with the Code (see https://cispe.cloud/publicregister). This provides our customers with additional assurances that they fully control their data in a safe, secure, and compliant environment when they use AWS. Our compliance with the Code adds to the long list of internationally recognized certifications and accreditations AWS already has, including ISO 27001, ISO 27018, ISO 9001, SOC 1, SOC 2, SOC 3, PCI DSS Level 1, and many more.”
More information regarding AWS and GDPR compliance can be found here.
Standard Hosted service is provided on a shared AWS server that is also used by other customers. Note that only the hosting of the servers is shared: each customer has their own encrypted database, with decryption limited to the authenticated customer user accounts via a web browser and the RiskWatch software user interface. Data in transit uses HTTPS with TLS encryption.
Customers may elect to sign up for a dedicated server instead, for an additional annual fee. The dedicated server services will be based on the level of service required by the customer. As an option, the customer may be provided a dedicated server hosted in the United States, provided annual server fees are paid.
All data stored on RiskWatch’s servers is behind a firewall. Servers can only be accessed by authorized RiskWatch personnel who have a legitimate need for access. All access is logged for accountability.
The customer is the owner of their data. At any time, they can download all of their data that is stored in the software. Additionally, once their subscription ends, RiskWatch will securely wipe all of the customer’s data from its servers and provide a certificate of assured data destruction.
RiskWatch can also host customers’ applications on the customer’s own server. RiskWatch would regularly install upgrades of its software on the customer’s servers as soon as they become generally available, so that the customer receives the benefit of all enhancements and improvements to the product. The customer would be notified by email of any upgrades that affect program functionality. The only maintenance requirement of the customer would be to perform regular backups of their data. Customers are given full administrative access to their stored data and, after the initial setup by RiskWatch, would have full control over customizing and maintaining their survey content, user accounts, assessment data, and mitigation efforts.

Reliability and Upkeep

RiskWatch software has 99.9% uptime, discounting planned maintenance periods for upgrades and bug fixes. Maintenance downtime is scheduled during non-peak hours to ensure the highest levels of availability. Note that RiskWatch’s applications are web-based, requiring the customer to have an internet connection and an approved web browser. RiskWatch cannot be responsible for the reliability and availability of the customer’s information systems.
For utmost availability of assessment and risk data, RiskWatch securely backs up its customers’ databases daily.
Bugs and security vulnerabilities are taken very seriously with patching given the highest priority. Vulnerability scans are performed before every new release and at regular intervals to keep data privacy and system availability at the highest levels possible.

Personnel Security Controls

All RiskWatch employees are screened with a thorough background check and drug test before being onboarded. After hiring, employees that have access to sensitive information sign confidentiality agreements. In addition to standard training related to their day-to-day duties, employees also receive security awareness training and must sign documentation certifying that they understand and will follow all RiskWatch security requirements. Breaches of security policy and any accompanying guidelines result in sanctions that may include termination and/or criminal investigation. Upon employee termination, all access rights to RiskWatch assets and data are immediately revoked.

Development Practices

RiskWatch employs secure coding practices throughout the development lifecycle based on OWASP principles. RiskWatch is committed to creating applications that protect the confidentiality, integrity and availability of all physical and electronic information assets of the clients who use its products. The overall goals for the secure coding practices at RiskWatch address the following aspects of application development:
  • Input Validation
  • Output Encoding
  • Authentication and Password Management
  • Session Management
  • Access Control
  • Cryptographic Practices
  • Error Handling and Logging
  • Data Protection
  • Communication Security
  • System Configuration
  • Database Security
  • File Management
  • Memory Management
  • General Coding Practices
Some of the most critical aspects supporting RiskWatch’s activities are the availability and reliability of its network, infrastructure and services. RiskWatch practices openness and the principles of public disclosure, but will in certain situations prioritize confidentiality over availability and integrity.

Security Breaches

Regardless of how carefully engineered RiskWatch’s security controls are, there is a very small chance that it may be necessary to notify customers of security and privacy events. In the event of a breach, RiskWatch will contact all affected customers within 72 hours via email.

User Responsibilities

Customer databases are encrypted and can only be decrypted through the RiskWatch application’s user interface. Data going into and out of your RiskWatch product is completely under your control. Additionally, you manage all user access. Application administrators can create user accounts, control their level of access, and set their login parameters (password complexity, expiration, and maximum number of failed logins). The responsibility for security is shared between RiskWatch and its customer: RiskWatch ensures that data at rest (database encryption) and in transit (HTTPS/TLS) is protected, while the customer ensures that access via the application user interface is securely controlled.