Storing your data securely
MangoMap Limited uses third party vendors and hosting partners to provide the necessary hardware, software, networking, storage, and related technology required to run the Service. Although we own the code, databases, and all rights to the Service, you retain all rights to your User Data.
Amazon Web Services
We read and then store your data on our servers. For data storage we use Amazon Web Services (“AWS”) and is protected by Amazon’s security and environmental controls. On AWS we use RDS Postgres (us-east region) with AES-256, block-level storage encryption at both transit and rest.
- Data center access limited to Amazon AWS data center technicians
- Biometric scanning for controlled data center access
- Security camera monitoring at all data center locations
- 24/7 onsite staff provides additional protection against unauthorized entry
- Unmarked facilities to help maintain a low profile
- Physical security audited by an independent firm
- System installation using hardened, patched OS
- System patching configured by Amazon AWS to provide ongoing protection from exploits
- Dedicated firewall and VPN services to help block unauthorized system access
- Data protection with Amazon AWS managed backup solutions
- Dedicated intrusion detection devices to provide an additional layer of protection against unauthorized system access
- Risk assessment and security consultation by Amazon AWS professional services teams
- ISO 27001:2013-based policies and procedures, regularly reviewed as part of the Amazon AWS SAS70 Type II audit process
- Systems access logged and tracked for auditing purposes
- Secure document-destruction policies for all sensitive information
- Fully documented change-management procedures
- Independently audited disaster recovery and business continuity plans in place for Amazon AWS headquarters and support services
Internal Security Practices
Mango maintains a strict policy for assigning and distributing keys which may access any production or development systems.
- Master access keys are never distributed to any employees
- Access keys are never stored in any version control system
- Access keys are never stored anywhere as plaintext
- Individual access keys are generated per employee with developer only access
- All company workstations and laptops use encryption for storing of any potentially sensitive data
- All company workstations and laptops use anti-malware and antivirus software
- All client data is always anonymized for development purposes
- All Mango employees have been instructed on best practice security standards
- Mango employees are granted granular role access to resources
- Any employee access to sensitive data is tracked and monitored
- Developers only work with anonymized data
All server requests to Mango are sent and received via SSL (secure socket layer) which uses a 256-bit encryption validated by GeoTrust.
No employee of the Service has access to private repositories of User Data unless required and only then with the consent of an authorized Account holder in the pursuit of technical support. Staff working directly in the file store access a compressed database.
Our Support staff may log into your account to access settings related to your support issue. When working a support issue we do our best to respect your privacy as much as practicable, accessing only the files and settings needed to resolve your issue.
Data Loss / Security Breach
In the event of a loss of data or potential security breach, you will be contacted immediately and be kept updated in real-time as we assess the situation. We will quickly take any measures necessary to secure and recover your data. A full incident report will be made available by us should any incidents occur.
Changes to this policy
Mango may periodically update this policy. We will notify you about significant changes in the way we treat personal information by sending a notice to the primary email address specified in your Mango primary account holder account or by placing a prominent notice on our site.
In the EU? Learn more about our GDPR compliance.