Security

The mascot of the Go-Tech Portal, Ms. Atlas, is copyrighted and proprietary.

All of the application infrastructure for GOT is currently managed by Amazon Web Services (AWS). All data is stored in AWS. These data centers have received ISO 27001 and SOC certifications, among others. More on Amazon Web Services compliance and security

DATA ISOLATION

Sensitive data is ingested, processed, and stored in an isolated, secured environment in AWS, referred to as open source data. Aggregation is done within the open source data, and only the aggregated data leaves it. The isolated account requires additional steps for our GOT developers to access.

SECURE DATA TRANSFER

Our Go-Tech Portal is configured to use the latest TLS version, to check for a valid, signed, domain-specific certificate, and to use a strong set of cryptographic protocols. Our encrypted-by-default philosophy uses HTTPS.

USER AUTHENTICATION

GOT Portal users must authenticate with an email and password.

PERSONNEL SECURITY

Access to company systems is removed as soon as possible once it is no longer needed. GOT uses hiring agencies to the extent permitted by law.

DATA RETENTION

We will delete all customer data upon request or termination of GOT’s relationship with the customer/client.

VULNERABILITY ASSESSMENTS

Assessments are based on current attack trends and verification of best practices.

AUDITING

It is our policy to log all actions taken by a user or a service (using a role) and to report those logs automatically to AWS.

NETWORK SECURITY MONITORING

Our cloud providers and centralized logging and alerting system provide intrusion detection capabilities that alert us to suspicious and malicious behavior. The feeds include information from network events, internal-system events, and vulnerability / threat intelligence feeds. Our policy is that employees only have access to the data and systems they need to do their job.

CLIENT USER CLASSIFICATION/ROLES

We classify users and roles according to type and sensitivity and use that classification to define which systems are authorized to access and store different types of data under each category or doorway. The data sensitivity classification is used in the risk assessment process to determine the appropriate level of security controls. We coordinate with the client and agency to assess client and user privileges, access to data and information, user roles, and credential limitations.

DATABASE ACCESS CONTROLS

We review access periodically and offboard people who no longer need access. Each developer has unique credentials and access.

STORAGE SECURITY

AWS provides network-level isolation via Virtual Private Clouds (VPCs), and access is controlled via Access Control Lists (ACLs). Our policy is to automatically deny any traffic to or from a database that is not explicitly allowed. We also use GeoServer and periodically check the storage and data interaction with AWS.

APPLICATION DEVELOPMENT SECURITY

Our developers review secure coding standards applicable to the environments, languages, and platforms they're working in. These standards may include ensuring access control of data, sanitizing input / output values, and logging violations that could indicate an attack or vulnerability.

Privacy

AGGREGATION USING READILY AVAILABLE DATA

Our data does not include personal data or travel behavior of identifiable individuals. We work only with data that does not contain individual identifiers and we never attempt to re-identify individuals in anonymized data. We do not sell data. Only publicly available data is shared.