Building global enterprise products

Security policies at Global App Testing

Data and security is key to our organization and product - it's why many business choose Global App Testing. If you have any questions, don't hesitate to get in touch or email compliance@globalapptesting.com

Network & System policies

Our platform is built and hosted exclusively on Amazon Web Services (AWS) which lets us benefit from physical data centre and network architecture build to meet requirements of the most security-sensitive organisations. AWS has an extensive compliance programme that includes ACIPA SOC 2, ISO 27001, and ISO 27017 certified hosting provider designation.

Data and encryption

All our applications, databases, and storage is always encrypted as rest and promptly replicated. Data is stored encrypted using 356-but AES encryption and out kets are managed by AWS ket management services,

Authentication

Our platform utilises Auth) as a service provider for authentication. Employees use a single sing-on (SSO) technology with Google G Suite Directory, which is configured to enforce strong password policy and multi-factor authentication.

Recovery & continuity

We maintain disaster recovery and business continuity plans as part of our ISMS policy. We have high availability infrastructure in the Ireland region and backup failover to Stockholm. Our Professional crowd of Testers and Test Managers are available 24/7. We regularly test and refine this plan to ensure the fastest recoverability in the event of a disater.

Firewalls

All incoming traffic goes through Cloudflare with Web Application Firewall enabled. Cloudflare firewall protects the platform from hostile internet traffic. We always negotiate TLS at minimum version 1.2. All web-traffic is through a secure SSL channel.

Product Security

We have implemented secure development procedures at Global App Testing. All REST and GraphQL requests go though layers of load balancers and reverse proxies we enforce internal API endpoint authentication as well. Additionally, we carry out regular external web penetration tests and operate a bug bounty program to ensure that any vulnerability which are missed in the development process are identified and resolved promptly. Global App Testing maintains a live report of operational uptime and issues on our status page.

Status page

Employee & IT Security

All employees undergo mandatory security and privacy awareness training that includes information about how to protect our customer information. As part of our ISO 27001 certification and commitment to data security, we have developed policies and procedures that all staff must follow. These include monitoring and documenting risk, making improvements to our system, and more. Every Global App Testing employee has a referral check completed to ensure we hire professionals we can trust.

Build Distribution

Protecting your unreleased builds, apps, and websites is of the utmost importance. That's why we employ a number of proactive measures to ensure you have complete confidence. Build distributions are handled securely via platforms such as TestFlights, App Center, Firebase, or whichever platform you prefer. Furthermore, our testers sign NDA's and we can secure access even further whitelisting our Testers via VPN's, IP, or email domain whitelisting for an extra layer of security.

GDPR

All employees undergo mandatory security and privacy awareness training that includes information about how to protect our customers information. As part of our ISO 27001 certification and commitment to data security, we have developed policies and procedures that all staff must follow. These include monitoring and documenting risk, making improvements to our systems, and more. Every Global App Testing employee has a referral check completed to ensure we hire professional we can trust.

Further privacy resources

Find more information including policy text via the links below. Ig you need to email us with regards to the policies, email compliance@globalapptesting.com.