By providing you access to all our security and privacy practices on these pages and in our Trust Center, we think you have all the information necessary to decide whether yasoon apps are a good fit for your company.

...

Yes. We run a bug bounty program on Bugcrowd to encourage security researchers to look for vulnerabilities and claim their bug bounties. We run pen tests multiple times per year.

Are you willing to share a management summary of the most recent penetration testing reports?

...

  • Staffed reception desk

  • Guards (shared by entire building)

  • Motion detectors, Alarms

  • Electronic access control (e.g., swipe cards)

...

Do you have an auditable process in place for granting and revoking physical access to office facilities? Are physical entry logs kept for at least six months?

Yes and yes.

Do you have a clear desk policy that also requires unattended equipment to be appropriately locked down (e.g., screen lock, securing laptops with a cable)?

...


Do you have written job descriptions for employees with access to confidential or sensitive information?

Yes

Do you have processes in place to ensure that access to data is granted solely on a "need-to-know" basis, in accordance with the job descriptions and responsibilities of users? Do these processes also revoke access when the need no longer exists?

...

Quarterly or more often.

Does the scope of your internal assessment include the entire security and privacy program, as well as all operations, services, and systems that involve access to the customer data or systems that are used in this project?

Yes.

How often does an independent third party perform audits of your security and privacy program? (Note: this should not include penetration tests or other technical assessments; rather, it refers to security reviews of your organizational processes, procedures, and policies.)

...