Storing your data securely
MangoMap Limited uses third party vendors and hosting partners to provide the necessary hardware, software, networking, storage, and related technology required to run the Service. Although we own the code, databases, and all rights to the Service, you retain all rights to your User Data.
All data is written to multiple disks instantly, backed up daily, and stored in multiple locations. User Data uploaded to the Service is stored on servers that use modern techniques to remove bottlenecks and points of failure. User Data will not be used by MangoMap Limited, its staff or representatives, or shared with any third parties except as outlined in the Privacy Policy.
Amazon Web Services
We read and then store your data on our servers. For data storage we use Amazon Web Services (“AWS”) and is protected by Amazon’s security and environmental controls. On AWS we use RDS Postgres (us-east region) with AES-256, block-level storage encryption at both transit and rest.
Physical Security
- Data centre access limited to Amazon AWS data center technicians
- Biometric scanning for controlled data centre access
- Security camera monitoring at all data centre locations
- 24/7 onsite staff provides additional protection against unauthorised entry
- Unmarked facilities to help maintain a low profile
- Physical security audited by an independent firm
System Security
- System installation using hardened, patched OS
- System patching configured by Amazon AWS to provide ongoing protection from exploits
- Dedicated firewall and VPN services to help block unauthorised system access
- Data protection with Amazon AWS managed backup solutions
- Dedicated intrusion detection devices to provide an additional layer of protection against unauthorised system access
- Risk assessment and security consultation by Amazon AWS professional services teams
Operational Security
- ISO 27001:2013-based policies and procedures, regularly reviewed as part of the Amazon AWS SAS70 Type II audit process
- Systems access logged and tracked for auditing purposes
- Secure document-destruction policies for all sensitive information
- Fully documented change-management procedures
- Independently audited disaster recovery and business continuity plans in place for Amazon AWS headquarters and support services
More on Amazon AWS security can be found here and here.
Internal Security Practices
Key Management
Mango maintains a strict policy for assigning and distributing keys which may access any production or development systems.
- Master access keys are never distributed to any employees
- Access keys are never stored in any version control system
- Access keys are never stored anywhere as plaintext
- Individual access keys are generated per employee with developer only access
Secure Workstations
- All company workstations and laptops use encryption for storing of any potentially sensitive data
- All company workstations and laptops use anti-malware and antivirus software
- All client data is always anonymized for development purposes
Employee Awareness
- All Mango employees have been instructed on best practice security standards
- Mango employees are granted granular role access to resources
- Any employee access to sensitive data is tracked and monitored
- Developers only work with anonymized data
Data transfer
All server requests to Mango are sent and received via SSL (secure socket layer) which uses a 256-bit encryption validated by GeoTrust.
Employee access
No employee of the Service has access to private repositories of User Data unless required and only then with the consent of an authorised Account holder in the pursuit of technical support. Staff working directly in the file store access a compressed database.
Our Support staff may log into your account to access settings related to your support issue. When working a support issue we do our best to respect your privacy as much as practicable, accessing only the files and settings needed to resolve your issue.
Data Loss / Security Breach
In the event of a loss of data or potential security breach, you will be contacted immediately and be kept updated in real-time as we assess the situation. We will quickly take any measures necessary to secure and recover your data. A full incident report will be made available by us should any incidents occur.
Changes to this policy
Mango may periodically update this policy. We will notify you about significant changes in the way we treat personal information by sending a notice to the primary email address specified in your Mango primary account holder account or by placing a prominent notice on our site.
🇪🇺 In the EU?
Learn more about our GDPR compliance.