Security Policy

Effective: January 1st, 2022

  • Overview
    1. 1.1. Information security is a serious matter for WillSuite. This policy serves as a guide to let you know the steps we take to ensure the privacy of your data.
  • Data Center Security
    1. 2.1. WillSuite runs on the DigitalOcean platform with data hosted on Amazon Web Services (AWS) in nondescript facilities. Our data centers are located in London.
    2. 2.2. Physical access is strictly controlled both at the perimeter and at building ingress points by professional security staff utilizing video surveillance, intrusion detection systems, and other electronic means. Authorized staff must pass two-factor authentication a minimum of two times to access data center floors. All visitors and contractors are required to present identification and are signed in and continually escorted by authorized staff.
    3. 2.3. More information on the security of these data centers can be found in the AWS Security Whitepaper and the DigitalOcean security disclaimers, available at https://aws.amazon.com/whitepapers/overview-of-security-processes/ and https://www.digitalocean.com/security/
  • Server Security
    1. 3.1. Our server network can only be accessed via SSH with public key authentication or via Two-factor Authentication over SSL. Public keys are removed from servers where access is no longer required.
    2. 3.2. Operating system security patches are checked on a nightly basis.
  • Ongoing Security Monitoring
    1. 4.1. Servers are checked for security patches on a nightly basis.
    2. 4.2. Automated application checks are run against the PHP Security Advisories Database (https://security.sensiolabs.org/) on a nightly basis. WillSuite are alerted if any third-party package requires attention.
    3. 4.3. WillSuite are notified when suspicious traffic or account activity is detected. In some cases access to the system may be automatically restricted until manual intervention by WillSuite employees.
  • Encryption of Data
    1. 5.1. Communications between you and WillSuite servers are encrypted via industry best-practice HTTPS and Transport Layer Security (TLS) by default.
    2. 5.2. At rest, data is encrypted on our AWS platform with AES-256 encryption.
  • Data backup and redundancy
    1. 6.1. WillSuite’s strict backup regime ensures customer data is backed up on a point-in-time basis, supplemented by a further daily backup.
    2. 6.2. Before being purged:
      1. 6.2.1. Daily backups are held for a period of 16 days.
      2. 6.2.2. Weekly backups are held for a period of 8 weeks.
      3. 6.2.3. Monthly backups are held for a period of 3 months.
  • Data Retention
    1. 7.1. Customer data is retained for as long as you remain a customer; unless this becomes impractical, your data will remain in the WillSuite system indefinitely. Former customers’ core data is removed from live databases upon a customer's written request or after an established period following the termination of the customer agreement. In general, former customers’ data is purged 90 days after all customer relationships are terminated.
    2. 7.2. Information stored in replicas, snapshots, and backups is not actively purged but instead naturally ages itself from the repositories as the data lifecycle occurs. WillSuite reserves the right to alter the data pruning period and process at its discretion in order to address technical, compliance, or statutory needs.
  • Framework level security
    1. 8.1. We use tools and techniques to protect against common security vulnerabilities. This includes escaping user-supplied data when it is rendered, to reduce the threat of Cross Site Scripting (XSS); CSRF tokens, to minimize the risk of Cross Site Request Forgery (CSRF); and use of PDO across the system, to minimize the risk of SQL Injection.
    2. 8.2. Protection against the above attack vectors is evaluated as part of our third-party security audits.
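The following is an added illustration of the three framework-level controls named in 8.1, not WillSuite's own code. It assumes a PHP application using PDO; the in-memory SQLite database, table, rows and session array are constructed here so the script runs stand-alone.

```php
<?php
// Added example of the controls in 8.1 (PDO parameter binding, output escaping,
// CSRF tokens). Not WillSuite's code. Uses an in-memory SQLite database with
// constructed sample rows so it runs stand-alone: php framework_controls.php
declare(strict_types=1);

// --- SQL injection: PDO prepared statements keep user data separate from the query text.
function openDb(): PDO {
    $pdo = new PDO('sqlite::memory:');
    $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $pdo->setAttribute(PDO::ATTR_EMULATE_PREPARES, false); // use the driver's native prepares
    $pdo->exec('CREATE TABLE clients (id INTEGER PRIMARY KEY, name TEXT NOT NULL)');
    $pdo->exec("INSERT INTO clients (name) VALUES ('Alice <Smith>'), ('Bob')"); // constructed rows
    return $pdo;
}

function findClientsByName(PDO $pdo, string $name): array {
    // The user-supplied value is bound as a parameter, never concatenated into the SQL,
    // so quote characters in it cannot change the statement's structure.
    $stmt = $pdo->prepare('SELECT id, name FROM clients WHERE name = :name');
    $stmt->execute([':name' => $name]);
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// --- XSS: escape at render time, for the HTML context the value is placed into.
function e(string $value): string {
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5, 'UTF-8');
}

// --- CSRF: a per-session random token that every state-changing form must echo back.
function csrfToken(array &$session): string {
    if (empty($session['csrf_token'])) {
        $session['csrf_token'] = bin2hex(random_bytes(32));
    }
    return $session['csrf_token'];
}

function csrfTokenIsValid(array $session, ?string $submitted): bool {
    if (!isset($session['csrf_token']) || $submitted === null) {
        return false;
    }
    // hash_equals compares in constant time, so the check does not leak by timing.
    return hash_equals($session['csrf_token'], $submitted);
}

// --- Demonstration with constructed input.
$pdo = openDb();

// A search value containing SQL syntax is treated purely as data by the bound parameter.
$rows = findClientsByName($pdo, "' OR 1=1 --");
echo 'Rows matched by the quoted search value: ' . count($rows) . PHP_EOL;

foreach (findClientsByName($pdo, 'Alice <Smith>') as $row) {
    // Escaping happens in the template at output time, not when the data was stored.
    echo '<li>' . e($row['name']) . '</li>' . PHP_EOL;
}

$session = [];                        // stands in for $_SESSION
$token   = csrfToken($session);
$form    = ['csrf_token' => $token];  // what a legitimate form submission carries
$forged  = ['csrf_token' => 'guess']; // a cross-site request cannot read the real token

echo 'Legitimate form token accepted: ' . var_export(csrfTokenIsValid($session, $form['csrf_token'] ?? null), true) . PHP_EOL;
echo 'Forged form token accepted: '     . var_export(csrfTokenIsValid($session, $forged['csrf_token'] ?? null), true) . PHP_EOL;
```

Escaping is applied at the point of rendering rather than on input because the same stored value may later be emitted into a different context (a JavaScript string, a URL) that needs a different encoding; the CSRF token is compared with `hash_equals` so that a mismatch is not distinguishable by timing.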
  • Data Access
    1. 9.1. Customer Support, Services, and other customer engagement staff with a need-to-know may request access to customer services on a time-limited basis. Requests for access are limited to their work responsibilities associated with supporting and servicing our customers. The requests are limited to just-in-time access to a specific customer's service for a 24-hour period.
    2. 9.2. All access requests, logins, queries, page views and similar information are logged. Employee access is subject to daily review and at least semi-annual recertification to ensure authorized systems are within limits of employees' current roles.
  • Employees
    1. 10.1. All employees are subject to pre-employment checks where appropriate, compliant with the BS7858:2012 security screening standard, including but not limited to:
      1. 10.1.1. Confirmation of name, date of birth and address
      2. 10.1.2. Right to work validation
      3. 10.1.3. 5-year career history reference checks covering employment, self-employment and unemployment
      4. 10.1.4. Independent verification of any career gap which exceeds 31 days
      5. 10.1.5. Verified written character reference
      6. 10.1.6. Education checks as appropriate
      7. 10.1.7. Financial public record check: CCJs, insolvency, bankruptcy, IVAs, undeclared address links & aliases.
      8. 10.1.8. Terrorist financial sanctions list & company officer checks
      9. 10.1.9. Basic Criminal Record Disclosure
      10. 10.1.10. Certificate of screening & full audit file supplied when vetting is complete
  • Security Training
    1. 11.1. All employees receive training on security and incident response processes within the first month of employment as part of the WillSuite security program, along with role-specific follow-up training. All employees must comply with Non-Disclosure Agreements and Acceptable Use Policies before being granted access to production networks and data.
    2. 11.2. Employees are tested on their knowledge of different common attack vectors used within web applications and given training on risk minimization before and during development on the code base.
  • User-Side Security Features
    1. 12.1. Two Factor Authentication
      Two-factor authentication via an app (such as Google Authenticator or Authy) can be enforced for users of the system to protect their account in the event their password is compromised.
    2. 12.2. Password Policy
      We enforce a password policy with complexity and uniqueness requirements.
    3. 12.3. Unobtainable Authentication Data
      Passwords are one-way hashed and salted using bcrypt, the recommended industry standard in one-way hashing. Passwords cannot be retrieved from the database by any party.
    4. 12.4. Communication Encryption
      Web traffic to our platform is forced over encrypted HTTPS and is authenticated using TLS 1.3 (a strong protocol), X25519 (a strong key exchange), and AES_256_GCM (a strong cipher).
    5. 12.5. Role-based Access
      Role-based user access allows administrators to restrict application and data access for certain users depending on their role.
    6. 12.6. Location-based Access
      If requested, user access can be restricted to an IP address (such as an office network or VPN).
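The following is an added illustration of the one-way, salted bcrypt hashing described in 12.3 above, not WillSuite's own code. It uses PHP's built-in `password_hash` / `password_verify` / `password_needs_rehash` functions; the cost factor of 12 and the sample password are assumptions chosen for the example.

```php
<?php
// Added example of 12.3 (salted, one-way bcrypt password hashing). Not WillSuite's code.
// password_hash() with PASSWORD_BCRYPT generates a random 16-byte salt per password and
// stores algorithm, cost, salt and hash together in the 60-character result, so no
// separate salt column is needed and the plaintext is never recoverable from storage.
declare(strict_types=1);

const BCRYPT_COST = 12; // assumed work factor; raise over time as hardware gets faster

function hashPassword(string $password): string {
    // bcrypt only processes the first 72 bytes of input; reject longer passwords
    // rather than silently hashing a prefix.
    if (strlen($password) > 72) {
        throw new InvalidArgumentException("Password exceeds bcrypt's 72-byte limit");
    }
    return password_hash($password, PASSWORD_BCRYPT, ['cost' => BCRYPT_COST]);
}

function verifyPassword(string $password, string $storedHash): bool {
    // Recomputes the hash with the salt and cost embedded in $storedHash and
    // compares in constant time.
    return password_verify($password, $storedHash);
}

function rehashIfNeeded(string $password, string $storedHash): ?string {
    // Returns a replacement hash when the stored one was made with a weaker cost,
    // so the database can be upgraded transparently at the next successful login.
    if (password_needs_rehash($storedHash, PASSWORD_BCRYPT, ['cost' => BCRYPT_COST])) {
        return hashPassword($password);
    }
    return null;
}

// Demonstration with a constructed password.
$plain  = 'correct horse battery staple';
$stored = hashPassword($plain);

echo 'Stored value: ' . $stored . PHP_EOL;
echo 'Hashing the same password again yields the same string: '
    . var_export(hashPassword($plain) === $stored, true) . PHP_EOL; // differs, because each call draws a fresh salt
echo 'Correct password verifies: '
    . var_export(verifyPassword($plain, $stored), true) . PHP_EOL;
echo 'Case-changed password verifies: '
    . var_export(verifyPassword('Correct horse battery staple', $stored), true) . PHP_EOL;

// A hash made earlier with a lower cost is flagged for upgrade at login.
$legacy   = password_hash($plain, PASSWORD_BCRYPT, ['cost' => 10]);
$upgraded = rehashIfNeeded($plain, $legacy);
echo 'Legacy (cost 10) hash replaced: ' . var_export($upgraded !== null, true) . PHP_EOL;
```

Because the salt is random and stored inside the hash string, two users with the same password get different stored values, and a leaked table cannot be attacked with a single precomputed list; the rehash-on-login step lets the cost factor be raised without forcing password resets.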