Security at Global App Testing

We understand that protecting your data and software is crucial. That's why security is a key priority for our organisation and product.

Worry less. Test more.

Global App Testing Security
background-accent-fullwidth-blue-purple-update@2x

ISO 27001 Certification

CL-27

Certificate Number 18920
ISO 27001

Global App Testing has successfully completed it's ISO 27001 audit which means we meet the highest worldwide security standards. We have developed powerful processes and policies to ensure the security, integrity, and availability of data.

View certificate

Network and System Security

Our platform is built and hosted exclusively on Amazon Web Services (AWS) which lets us benefit from a physical data centre and network architecture build to meet the requirements of the most security-sensitive organisations. AWS has an extensive compliance programme that includes AICPA SOC 2 , ISO 27001, and ISO 27017 certified hosting provider designation.

Data Hosting and Encryption at Global App Testing

Data Hosting and Encryption

All our applications, databases, and storage is always encrypted at rest and promptly replicated. Data is stored encrypted using 256-bit AES encryption and our keys are managed by AWS Key Management Services.

Single Sign-on (SSO) and Authentication at Global App Testing

Single Sign-on and Authentication

Our platform utilises Auth0 as a service provider for authentication.  Employees use single sign-on (SSO) technology with the Google G Suite Directory, which is configured to enforce strong password policy and multi-factor authentication.

Disaster Recovery and Business Continuity at Global App Testing

Disaster Recovery and Business Continuity

We maintain disaster recovery and business continuity plans as part of our ISMS policy. We have high availability infrastructure in the Ireland region and backup failover to Stockholm. Our Professional crowd of Testers and Test Managers are available 24/7. We regularly test and refine this plan to ensure the fastest recoverability in the event of a disaster.

Web application and network firewalls at Global App Testing

Web Application and Network Firewalls

All Incoming traffic goes through Cloudflare with Web Application Firewall enabled. Cloudflare firewall protects the platform from hostile internet traffic. We always negotiate TLS at minimum version 1.2. All web-traffic is through a secure SSL channel.

Product Security

We have implemented secure product development procedures at Global App Testing. All REST and GraphQL requests go through layers of load balancers and reverse proxies and we enforce internal API endpoint authentication as well. Additionally, we carry out regular external web penetration tests and operate a bug bounty program to ensure that any vulnerabilities which are missed in the development process are identified and resolved promptly. Global App Testing maintains a live report of operational uptime and issues on our status page.

two-developers-looking-at-laptop

Organisational and Information Security

All employees undergo mandatory security and privacy awareness training that includes information about how to protect our customer information. As part of our ISO 27001 certification and commitment to data security, we have developed policies and procedures that all staff must follow. These include monitoring and documenting risk, making improvements to our systems, and more. Every Global App Testing employee has a referral check completed to ensure we hire professionals we can trust.

woman-and-man-looking-at-screen@2x

Build Distribution and Protection

Protecting your unreleased builds, apps, and websites is of the utmost importance. That's why we employ a number of proactive measures to ensure you have complete confidence. Build distributions are handled securely via platforms such as TestFlight, App Center, Firebase, or whichever platform you prefer. Furthermore, our testers sign NDA’s and we can secure access even further by whitelisting our Testers via VPN’s, IP, or email domain whitelisting for an extra layer of security.

All testers are regularly reviewed and monitored for adherence to the policies, procedures, and code of conduct we have created.

image-developers-looking-at-tablet-yellow@2x

GDPR Compliance

GDPR-sm-1

Global App Testing fulfils its obligations for GDPR and is transparent with how we process personal data. Our Privacy Policy honours GDPR, CCPA, and the Privacy Shield Frameworks. Global App Testing has appointed a Data Protection Officer to ensure ongoing compliance with data protection regulations. 

A strategic commitment to data privacy

Your data is safe and secure when you use Global App Testing. We guarantee this. You can read about our Code of Conduct, Privacy Policy, Terms of Service and Candidate Data Protection Policy.
If you need to contact us with regard to any of your rights as set out in these policies, you can make a request by email to compliance@globalapptesting.com.