wareconn ISO

We are proud to announce that wareconn warranty cloud, the professional SaaS platform, has been awarded the ISO 27001:2022 certification in July 2024. This certification is a significant milestone, underscoring our commitment to maintaining the highest standards of information security in managing and protecting warranty and repair data.

ISO 27001:2022 is an internationally recognized standard that specifies the requirements for a robust Information Security Management System (ISMS). This certification validates that wareconn has implemented stringent security measures and protocols to protect the sensitive data of warranty providers, customers, and service centers on our platform.

Policies

Wareconn values the trust our customers place in us and ensures the protection of their data. We take full responsibility for safeguarding your personal information and ensuring the security of the data. Additionally, we are committed to complete transparency in the security operations processes listed below. Our privacy policy provides detailed information on how we handle data.

Security Encryption

Security Encryption

  • The website only provides HTTPS connections
  • Accessing data has authentication mechanism, and authentication information is updated regularly
  • User data encryption
Permission Delegation

Permission Delegation

  • Only system administrators can access the server
  • Developers can only develop in their own virtual environments
  • Access classification, strengthen identity authentication
Network Security
Network Security

Network Security

  • Firewall Security Group ensures that the connection between network devices is limited based on security policies
  • Cross-site hosts use virtual private networks (VPNs) with encrypted channels to protect data transmission
  • Announcement of Privacy Policy and Website Security Policy
Vulnerability Management

Vulnerability Management

  • Regularly scan and fix vulnerabilities; patch antivirus regularly updated
  • Regularly update system programs and patches.
  • Penetration testing is used to inspect malicious attacks and vulnerabilities.
Logging and Alerting
Logging and Alerting

Logging and Alerting

  • Events and activities of systems and applications are recorded and logged
  • Security events are classified according to severity, corresponding to different alert mechanisms
  • Incident Reporting, Tracking, and Response Process