Versions Compared

Old Version 19

changes.mady.by.user arkadi kaplon

Saved on

compared with

New Version 20

changes.mady.by.user arkadi kaplon

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

  • Galooli is committed to protecting the security, availability, and confidentiality of its customers’ data. 

  • Galooli implements a comprehensive information security program that is based on the ISO 27001 standard. This program includes various security measures of the cloud environment, including access control, data encryption, network security, and data backup and recovery. 

  • Galooli holds ISO 9001 and ISO 27001 certifications. You can access the certificates in our knowledge base at: Quality Standards, Certifications, and Patents.

  • Galooli assures full compliance with GDPR requirements.

  • For detailed information on Galooli’s security and privacy policy, please refer to the links bellow
    Should you have any questions or concerns, please contact us.

Table of Contents

Galooli's Servers Security Level

...

Unit Protection

Login

 Protocol Between
Clients and Server

System Architecture

Development

General

 

Propriety protocol between on-site units to servers

  • Optional - HTTPS secured communication between unit to server

Password managing

  • Date

  • Complexity (length & combination

  • Controlling use (specific dates and times) time according to clients preference  

  • After five incorrect password attempts, a temporary block is placed on the user

 

Token based connectivity

 

Server systems are departmentalized, with different secured VPCs without the possibility of accessing DB 

 

Separated environment for test and production  

ISO 27001

Optional adding Private APN/ Restricted APN

  • Communication only between the Sim card and the connecting

SSO Login

  • Identifying users with Google/ Microsoft/ App Microsoft


Fully secured client-server communication - HTTPS

AWS environment 

  • Fully complying with security regulations and SOC

 

GDPR 

ID to every unit

  • Only allowed devices can connect

Recapture V3

  • Anti-automation

 End Clients installed applications are fully signed

Replicating the systems in case of an emergency

 

 

Audit trail

  •  Monitoring and recording user actions in every part of the systems

  • Security logs and events in real-time security events in the system

IDP Engine

 


All emails from the Galooli system sent only from
"no-reply.galooli.com"

 

 

 

RBAC

  • Rolled-based access control to every user in the system

 Allowed IPs

  • Option to login into the system exclusively through the internal network of the organization

 

 

 

 

...