Security

This is not something we take lightly. We combine enterprise-class security features with comprehensive audits of our applications, systems, and networks to ensure client and business data is always protected.

View our Bug Bounty page

Certifications, Audits & Compliance

  • Wazoku is ISO 27001 Certified
  • Wazoku is Cyber Essentials Plus Certified
  • GDPR Compliant
  • Privacy Policy

Availability & Business Continuity

  • SLAs for uptime
  • Datacentre Locations
  • Disaster recovery
  • Data retention policy
  • Support hours

Platform Security

  • Built on best-in-class open-source frameworks and cryptography standards
  • Separate Dev, QA, Staging & Production Environments
  • Multiple authentication support including SAML2 SSO capability with dynamic group membership, or rely on our NIST-based password management
  • Vulnerability Scanning
  • Third party penetration tests are run annually
  • Data encrypted at rest and in transit
  • Offsite encrypted data backups
  • Bug Bounty

Operations Security

  • Employee Security:
    • Background and credit checks for all employees
    • Security awareness training- all new hires and bi-annual required training and testing of all employees
    • Confidentiality agreements with all staff and contractors
    • Security Task force - in place for event escalation
    • Access management
  • Physical Security:
    • Offices have 24-hour security and CCTV monitoring
    • IT Security
      • Devices are controlled by a mobile device management solution (MDM)
      • Email filtering service to block phishing and spam
      • DNS filtering

Data Center & Network Security

    • Data Centers
    • Microsoft Azure
  • TLS 1.2+
  • Encryption at Rest
  • Network vulnerability scanning
  • Security Incident Event Management (SIEM)
  • Intrusion Detection & Prevention
  • Anti-Malware
  • Data Loss Prevention
  • DDoS Protection
  • Restricted MFA Logical Access
  • Automated provisioning and configuration management