Product Security
Aspectum considers ultimate security and data protection to be its main values. In order to provide customers the highest security grade, Aspectum implements the set of norms and procedures and insures the best practices on different layers.
User identity is established through a login process that always takes place over HTTPS. Subsequent access to information requires authentication tokens acquired at sign in. Organizations only allow access through HTTPS, which ensures that all data (for example, features and tiles) as well as authentication tokens are encrypted during transport over the Internet.
Technical Security
The data is stored and processed using AWS’s world-class infrastructure. AWS’s highly secure data centers utilize state-of-the-art electronic surveillance and multi-factor access control systems. Data centers are staffed 24x7 by trained security guards, and access is authorized strictly on a least privileged basis. ISO 27018 certification demonstrates that AWS has a system of controls in place that specifically address the privacy protection of customer content.
AWS is certified at the enterprise and government levels:
- SOC 1 and 2 / SSAE 16 / ISAE 3402 Certified (formerly SAS70)
- SOC 3 Certified
- ISO 27001 Security Certified
- Authorized by U.S. General Services Administration to operate at the FISMA Moderate level
AWS security standards meet or exceed the requirements of some of the most sensitive data and applications.
GDPR Compliance
Aspectum relies on the AWS infrastructure. All AWS services comply with the GDPR. AWS provides customers with services and resources to help them comply with GDPR requirements that may apply to their operations. These include AWS’ adherence to the CISPE code of conduct, granular data access controls, monitoring and logging tools, encryption, key management, audit capability, adherence to IT security standards and AWS’ C5 attestations.
Security By Design
We seek to develop the Services as free of vulnerabilities and impervious to attack as possible through such measures as continuous testing, authentication safeguards and adherence to best programming practices. Operating systems and third-party software are kept current with the latest upgrades and patches recommended by their vendors. Databases and backups can only be accessed through secure authentication.
Incident Response
Aspectum Technical Support’s goal is to minimize customers’ risk associated with security vulnerabilities by providing timely information, guidance and remediation of vulnerabilities of the Services.
Map Services
We are licensed with Google's enterprise-level mapping services. All data that geocoded through Google is secured using 256-bit SSL encryption.