Security Features in WATS.com Cloud Service
The WATS.com cloud service is designed with a layered security approach to ensure confidentiality, integrity, and availability of customer data. Key security features include:
1. Governance and Compliance
WATS aligns with ISO/IEC 27001 standards and follows Virinco’s Information Security Program. Regular internal and external security assessments, including penetration testing, are conducted to validate compliance and minimize vulnerabilities.
2. Access Control and Authentication
The platform supports secure identity management through internal authentication (ASP.NET Identity with PBKDF2 hashing), Single Sign-On (SSO) via OpenID Connect, and SCIM provisioning. Multi-Factor Authentication (MFA) can be enabled or enforced by administrators. Role-based Access Control Lists (ACLs) define granular permissions across modules such as Analytics and Control Panel.
3. Data Protection and Infrastructure
Customer data is stored in Microsoft Azure using secure PaaS components (Azure App Service, Azure SQL, and Azure Storage). TLS encryption is enforced for data in transit, and backups are performed regularly for databases and document storage. Disaster recovery procedures are documented and tested to ensure business continuity.
4. Application and Operational Security
Security is integrated into the Software Development Lifecycle (SDLC) with automated vulnerability scanning (e.g., OWASP ZAP). Patch management and incident response processes are in place to address emerging threats promptly.
Information Security at Virinco Group
WATS operates within a certified Information Security Management System (ISMS) in accordance with ISO/IEC 27001:2023.
The WATS solution is developed and managed by The WATS Company AS, a subsidiary of Virinco Group. The ISO/IEC 27001 certification and its associated ISMS apply to the entire Virinco Group.
For further details, please refer to the Vendor Security Overview for WATS.
References:
Comments
0 comments
Please sign in to leave a comment.