Resources

The Highest Level Of Data Security And Protection For Whistleblowing

Information security is our highest priority. We are committed to securing the data you store with us, eliminating systems vulnerability, and ensuring continuity of access.
We take multiple measures to keep your information and the whistleblower’s identity safe.
ISO 27001 Security Standard

Digital Business Technology Pvt Ltd, the company behind WhistleSentinel, shows commitment to data protection and minimize the security risks with ISO/IEC 27001 certification. The international standard for an information security management system. This confirms that we handle data security correctly and it is always a part of development.

How We Protect Your Data

Encryption

1. Data Encryption: All data, both in transit and at rest, is encrypted. This includes reports, attachments, communication, and any stored data within the system.

2. End-to-End Encryption: Implemented end-to-end encryption for communications between whistleblowers and investigators to prevent unauthorized access to the content.

Access Control

1. Role-Based Access: Implemented role-based access control to restrict system access based on users' roles and responsibilities.

2. Authentication: Strong authentication methods for accessing the system, such as two-factor authentication (2FA), to prevent unauthorized access.

Secured Storage

1. High Availability: We uses properly provisioned, redundant servers (e.g., load balancers, web servers, replica databases) in the case of failure.

2. Business Continuity: We keeps daily encrypted backups of data in multiple zones on AWS platform.

3. Disaster Recovery: In the event of a region-wide outage, We will bring up a duplicate environment in a different AWS Platform region.

Security Testing And Auditing

1. We conduct regular security assessments, vulnerability scans, and penetration testing to identify and address potential security weaknesses.

2. We perform independent security audits to ensure the system meets or exceeds industry standards and regulations.

Legal Compliance

1. We ensure compliance with applicable data protection laws and regulations, such as GDPR (General Data Protection Regulation) in Europe and relevant privacy laws in other regions.

Employee Training

1. Our employees undergo background checks before employment and are trained on security practices during company onboarding and on an annual basis.

2. Authentication: Strong authentication methods for accessing the system, such as two-factor authentication (2FA), to prevent unauthorized access.

Still Have Questions?

We’re here to answer them.
Just send them to sales@whistlesentinel.com or
Send us a message!