Awareness Platform has been developed with security and privacy in mind. We apply the principles of Security by Design throughout the lifecycle of our solution.
Awareness Platform is hosted in Microsoft Azure on a scalable and high available infrastructure. We use protective measures such as firewalls and detective measures such as monitoring of (security) incidents to ensure secure operations. Based on the ‘assume breach’ principle, we have spent a lot of effort on compartmentalizing and hardening our technical solution. Personal Identifiable Information (PII) is stored separately from operational data and access passes multiple layers of access controls. For end users, the platform can only be reached via the browser through an TLS-encrypted connection.
We have taken security measures at an organizational and procedural level as well. Every employee has signed a confidentiality agreement and has been screened for access to confidential customer data. Access to the production environment, customer data and source code is based on least privilege and requires strong authentication.
In the event that you encounter a security issue, please report this through our Responsible Disclosure process.