...
24/7 Monitoring: Includes pre-configured and customized alarms and notifications for abnormalities.
Access Control: Access to customer data is strictly limited to authorized Galooli personnel and users, enforced through identity and access management protocols within our ISO 27001 certified IT and cloud environments.
Admin Login Notification: Admin login from more than one device triggers a Double-Login Attempt notification.
All Data Transfers: Fully encrypted, utilizing HTTPS and TLS (no less than 1.2) encryption protocols.
Audit Trail and Login Records: Including records of attempted, failed, and successful logins.
AWS IAM: Utilizes Amazon Web Services Identity and Access Management for secure and granular control over user permissions.
AWS Notifications: Includes access to AWS real-time platform status dashboards and AWS Inspector for enhanced monitoring.
AWS Multi-Zone.
Block Events Records: Record of blocked events maintained for security auditing.
Crisis Simulation Drill: Conducted periodically by management and the Chief Information Security Officer (CISO).
Data Availability Dashboard and KPIs: Provides real-time insights and key performance indicators to monitor data accessibility.
Data Isolation: Data is separated in distributed databases, with stringent authentication checks at both application and data layers to prevent unauthorized access and ensure data isolation by customer.
Data Deletion: Policies align with Galooli’s Service Level Policy, which permits data storage for a default period of three years. For longer retention, clients should contact Galooli support. Decommissioning processes prevent unauthorized access and ensure secure deletion in line with industry standards.
DDoS Mitigation and Firewall Protection: We employ IP- and port-based firewalls. Our infrastructure is designed to mitigate Distributed Denial of Service (DDoS) attacks through elastic load balancing and resilient DNS services.
Disaster Recovery (DR) Exercises: Conducted at least four times a year to ensure system resilience.
High Availability Setup: Includes a decentralized solution architecture using various database types (e.g., RDS, Redis, NoSQL) and AWS microservices.
MFA for Development Admins: Multi-Factor Authentication is required for development admins to enhance security.
Network Security: Protected by firewalls and boundary devices with carefully configured rule sets and access control lists to monitor and control data flow. Administrative access is restricted and continually verified.
Ongoing Data Replication.
Ongoing Risk Management: Integral to our R&D activities, ensuring continuous identification and mitigation of potential threats.
Open-Source Monitoring: Open-source dependencies are monitored for vulnerabilities using NPM (client-side), NuGet (server-side), and AWS Inspector.
Periodic Development Training: For R&D and Product personnel to maintain and enhance product security.
Physical and Environmental Security: Measures in place include secured facility access and environmental controls to protect information systems.
Policy Procedures: Policies and procedures establish clear definitions of roles and authorities.
Pseudonymization and Encryption: Where applicable, data is pseudonymized or encrypted to enhance confidentiality.
Redundancy: Systems and data are duplicated across multiple sites to ensure availability and data integrity.
Segmentation and Compartmentalization: Permission management is segmented and compartmentalized to enhance security.
Split Between Staging and Production Environments: Environments are split between staging and production to safely manage and test changes before deployment.
Wrong Password: Five incorrect password attempts result in the user being blocked for 30 minutes.
Password Strength and Policy: Requires at least 8 characters combining letters, numbers, and symbols, changed at least every 180 days, with no reuse of previous passwords.
Predefined default settings for all factors in the system.
Irregularities Reports.
Bulk Configuration of System Assets.
Cloud-Based Managed Anti-Virus.
Azure Active Directory + Intune.
Normalization of All Stored Data: To ensure consistency and reliability, with no unnecessary data retained.
Online Multi-Zone Replication.
Periodic Backups.
Management of Database Access Logs.
Change Alerts at the Code Level.
Continuous Improvement: Galooli’s security measures are reviewed annually, including independent third-party penetration testing to identify and remediate any potential vulnerabilities. Being ISO 9001 certified, Galooli always seeks to enhance its Quality Management System at all levels of operation.