What Is the Outline of YouTestMe’s Cybersecurity Policies

  • Business continuity and disaster recovery cover planning and preparing for potential disasters or disruptions to ensure that the organization can continue to operate and recover in the event of an incident. YouTestMe Business Continuity Planning covers:
  1. Disaster Recovery Procedure
  2. Backup Strategy
  3. Restore Strategy
  • Information security focuses on protecting information from unauthorized access, use, disclosure, disruption, modification, or destruction.
  1. YouTestMe Data Processing Agreement contains information on:
  2. Data privacy
  3. Confidentiality
  4. Disclosure of information
  5. Data security
  6. Import and export of data
  7. Access to and extraction of data
  8. Data ownerships
  9. Data protection
  10. Data destruction
  11. Security incidents
  12. Data breach response
  1. General security policies
  2. Production security policies
  3. Development policies
  4. Encryption in transit
  • End-to-end encryption ensures both data in transit and at rest remain secure throughout the process:
  1. For encryption at rest, YouTestMe uses Transparent data encryption at the file level.
  2. For encryption in transmission (in transit), YouTestMe warrants that all client’s data will be encrypted using Transport Layer Security (TLS) at an encryption level equivalent to or stronger than 128-bit AES encryption.
  • Deployment appliance hardening covers security measures protecting YouTestMe virtual machines from security threats that can exploit vulnerabilities.
  • Cloud security focuses on securing cloud-based systems and data from unauthorized access, data breaches, and other security threats. In addition to all internal security measures, YouTestMe ensures cloud security by using top-notch cloud computing services compliant with the industry standards for cloud security like SOC 1, 2, 3, and ISO/IEC 27001:
  • Operational security focuses on securing people and processes that are critical to the organization’s operations. YouTestMe is compliant with ISO/IEC 27001 international standard to manage information security and has ISO 27001:2013 certificate.

Powered by BetterDocs