Jonathan van Driessen
- Total activity 140
- Last activity
- Member since
- Following 0 users
- Followed by 0 users
- Votes 0
- Subscriptions 3
Articles
Recent activity by Jonathan van Driessen-
Are upgrades or system changes installed during off-peak hours or in a manner that does not impact the customer?
Though customers typically don't notice when updates occur, for safety reasons releases are always done 7-8 AM Brussels time and on weekends.
-
Do you use an automated source code analysis tool to detect security defects in code prior to production?
Yes, we use several tools to analyse security defects before releasing to production.
-
Do you review your applications for security vulnerabilities and address any issues prior to deployment to production?
Yes, all code changes are reviewed by 3 other developers and a product manager before deployment to production.
-
Are all identified security, contractual, and regulatory requirements for customer access contractually addressed and remediated prior to granting customers access to data, assets, and information systems?
Yes.
-
Do you conduct network penetration tests of your cloud service infrastructure at least annually?
Yes.
-
Do you conduct application penetration tests of your cloud infrastructure regularly?
Yes.
-
Are controls in place to prevent unauthorized access to your application, program, or object source code, and assure it is restricted to authorized personnel only?
Yes.
-
Do you publish a list of all APIs available in the service and indicate which are standard and which are customized?
We do not publicly list all APIs used, they are only for internal usage of the application. There are no customized endpoints.
-
Do your terms and conditions contain a framework and/or process for dispute resolution, for example in the event of loss or damage to digital content?
Yes.
-
Is personal data and confidential information that is stored in the cloud encrypted on database level?
Yes.