We understand that protecting your data and software is crucial. That's why security is a key priority for our organisation and product.
Worry less. Test more.
Certificate Number 18920
Global App Testing has successfully completed it's ISO 27001 audit which means we meet the highest worldwide security standards. We have developed powerful processes and policies to ensure the security, integrity, and availability of data.
Our platform is built and hosted exclusively on Amazon Web Services (AWS) which lets us benefit from a physical data centre and network architecture build to meet the requirements of the most security-sensitive organisations. AWS has an extensive compliance programme that includes AICPA SOC 2 , ISO 27001, and ISO 27017 certified hosting provider designation.
All our applications, databases, and storage is always encrypted at rest and promptly replicated. Data is stored encrypted using 256-bit AES encryption and our keys are managed by AWS Key Management Services.
Our platform utilises Auth0 as a service provider for authentication. Employees use single sign-on (SSO) technology with the Google G Suite Directory, which is configured to enforce strong password policy and multi-factor authentication.
We maintain disaster recovery and business continuity plans as part of our ISMS policy. We have high availability infrastructure in Ireland region and backup failover to Stockholm. Our Professional crowd of Testers and Test Managers are available 24/7. We regularly test and refine this plan to ensure the fastest recoverability in the event of a disaster.
All Incoming traffic goes through Cloudflare with Web Application Firewall enabled. Cloudflare firewall protects the platform from hostile internet traffic. We always negotiate TLS at minimum version 1.2. All web-traffic is through a secure SSL channel.
We have implemented secure product development procedures at Global App Testing. All REST and GraphQL requests go through layers of load balancers and reverse proxies and we enforce internal API endpoint authentication as well. Additionally, we carry out regular external web penetration tests and operate a bug bounty program to ensure that any vulnerabilities which are missed in the development process are identified and resolved promptly. Global App Testing maintains a live report of operational uptime and issues on our status page.
All employees undergo mandatory security and privacy awareness training that includes information about how to protect our customer information. As part of our ISO 27001 certification and commitment to data security, we have developed policies and procedures that all staff must follow. These include monitoring and documenting risk, making improvements to our systems, and more. Every Global App Testing employee has a referral check completed to ensure we hire professionals we can trust.
Protecting your unreleased builds, apps, and websites is of the utmost importance. That's why we employ a number of proactive measures to ensure you have complete confidence. Build distributions are handled securely via platforms such as TestFlight, App Center, Firebase, or whichever platform you prefer. Furthermore, our testers sign NDA’s and we can secure access even further by whitelisting our Testers via VPN’s, IP, or email domain whitelisting for an extra layer of security.
All testers are regularly reviewed and monitored for adherence to the policies, procedures, and code of conduct we have created.
If you need to contact us with regard to any of your rights as set out in these policies, you can make a request by email to firstname.lastname@example.org.