INFORMATION SECURITY

Security management at all levels.

We evaluate what, why and how to protect. Based on the risks, we detect, manage and/or prevent possible security events and incidents.

Learn more
trust page img1
trust page img2
HUMAN RESOURCES

We recruit, develop, and retain competent and trustworthy employees.

  • Defined roles and responsibilities

  • Background checks

  • Onboarding and annual information security and privacy awareness training

  • Confidentiality requirements and adherence to SpotMe’s policies and procedures

HUMAN RESOURCES

We recruit, develop, and retain competent and trustworthy employees.

  • Defined roles and responsibilities

  • Background checks

  • Onboarding and annual information security and privacy awareness training

  • Confidentiality requirements and adherence to SpotMe’s policies and procedures

trust page img2
THREAT AND INTELLIGENCE

Security mechanisms are based on risks, threats, and intelligence.

  • Defined and controlled policies and procedures on vulnerability management

  • Internal and external monitoring tools

  • Weekly vulnerability assessments

  • Annual external penetration tests, including social engineering tests

trust page img3
trust page img4
SECURE DEVELOPMENT AND CHANGE MANAGEMENT

Request, Review, Test, Accept, Approve.

  • Defined Software Development Life Cycle (SDLC)

  • Formalized change and release management

  • Controlled and separated development, testing, and production environments

  • Regular regression testing for The SpotMe Engagement Platform components

  • Standard, advanced, and extended code reviews

SECURE DEVELOPMENT AND CHANGE MANAGEMENT

Request, Review, Test, Accept, Approve.

  • Defined Software Development Life Cycle (SDLC)

  • Formalized change and release management

  • Controlled and separated development, testing, and production environments

  • Regular regression testing for The SpotMe Engagement Platform components

  • Standard, advanced, and extended code reviews

trust page img4
NETWORK AND OPERATIONS SECURITY

Separate, harden, restrict and control.

  • SpotMe provides a cloud computing application and platform services on a multi-tenant technology architecture

  • All production servers are hardened and have a base configuration

  • Our accesses are restricted and are based on a need-to-know basis, and the least privilege mechanism

  • 24/7 logging, monitoring and alerting activities

trust page img3
trust page img4
INCIDENT MANAGEMENT AND BUSINESS CONTINUITY

If something happens, your data and services we provide to you are our priority

  • Prompt and consistent management of information security incidents

  • Daily backups

  • Business Continuity and Disaster Recovery (BCDR) plan to be used in the event of a disaster

  • Monthly data recovery tests

INCIDENT MANAGEMENT AND BUSINESS CONTINUITY

If something happens, your data and services we provide to you are our priority

  • Prompt and consistent management of information security incidents

  • Daily backups

  • Business Continuity and Disaster Recovery (BCDR) plan to be used in the event of a disaster

  • Monthly data recovery tests

trust page img4