To comply with data protection obligations, we ensure continuous credentials auditing and management. Physical access to our IT infrastructure is controlled and managed by AWS & Electronic access is protected by MFA. We enforce the usage of strong passwords & follow the least privilege principle to limit systems’ access to essential personnel only.
Internal security and privacy training is conducted periodically. Meanwhile, architecture network is isolated through private networks & vulnerability scanning are conducted regularly. All internal tools and systems require SSO & Applicational logs are stored offsite and kept for a limited period. We continuously monitor applications and infrastructure by performing regular data backups. We regularly test our Incident Response Plan and our Business Continuity and Disaster Recovery plan.