...
| Expand | ||
|---|---|---|
| ||
Has your organisation implemented segmentation or segregation in your networks and/or cloud environments? Yes. We implement segregation on the user role level, preventing users from accessing features and pages that are out of their provisioned access. We implement segregation between customer accounts. The product is one system shared between customers with security policies in place to only enable access to customer relevant data. Data is segregated from other customers through the use of dedicated subdomains, user credentials authentication, and organisational identifiers within the product. More information: https://commonplace.atlassian.net/l/cp/EQk0vYN6 |
| Expand | ||
|---|---|---|
| ||
Does your organisation secure and encrypt all data transfers using an appropriate control/protocol (for example, SFTP, HTTPS), and are all data transfers subject to review and authorisation? Yes. Within Commonplace: Data in transit within the Commonplace environment is all within a Virtual Private Cloud (VPC). APIs: Data in transit between Commonplace services and External APIs is protected using HTTPS at a minimum of TLS v1.2. |
...