Table of Contents
Business continuity and disaster recovery #
Business continuity and disaster recovery cover planning and preparing for potential disasters or disruptions to ensure that the organization can continue to operate and recover in the event of an incident. YouTestMe Business Continuity Planning covers:
-
Disaster Recovery Procedure
-
Backup Strategy
-
Restore Strategy
Information security #
Information security focuses on protecting information from unauthorized access, use, disclosure, disruption, modification, or destruction.
-
-
Data privacy
-
Confidentiality
-
Disclosure of information
-
Data security
-
Import and export of data
-
Access to and extraction of data
-
Data ownerships
-
Data protection
-
Data destruction
-
Security incidents
-
Data breach response
-
-
-
General security policies
-
Production security policies
-
Development policies
-
Encryption in transit
-
End-to-end encryption #
End-to-end encryption ensures both data in transit and at rest remain secure throughout the process:
-
For encryption at rest, YouTestMe uses Microsoft Azure Disk Storage Server-Side Encryption (256-bit AES).
-
For encryption in transmission (in transit), YouTestMe warrants that all client’s data will be encrypted using Transport Layer Security (TLS) 1.2 at an encryption level equivalent to or stronger than 256-bit AES encryption.
-
For increased security, YouTestMe also uses PostgreSQL native support for using SSL connections to encrypt client/server communications.
Deployment appliance hardening #
Deployment appliance hardening covers security measures protecting YouTestMe virtual machines from security threats that can exploit vulnerabilities.
Cloud security #
Cloud security focuses on securing cloud-based systems and data from unauthorized access, data breaches, and other security threats. In addition to all internal security measures, YouTestMe ensures cloud security by using top-notch cloud computing services compliant with the industry standards for cloud security like SOC 1, 2, 3, and ISO/IEC 27001:
Operational security #
Operational security focuses on securing people and processes that are critical to the organization’s operations. YouTestMe is compliant with ISO/IEC 27001 international standard to manage information security and has ISO 27001:2013 certificate.
