Version: TP.21112024.01
Effective date: 21/November/2024
1.Relationship to End User License Agreement (EULA)
This Information Security policy is subject to the terms and conditions set forth in the End User License Agreement (EULA).
2.Safeguarding of the data
Our Atlassian Marketplace plugins are securely hosted in the cloud with Data Residency support activated based on your pinned Jira location. Vansah utilises DigitalOcean and AWS data centres. We are the sole owner of the data, and have full control over the information hosted in these centres. DigitalOcean, one of the hosting providers, is certified in ISO/IIEC 27018, ISO27001, and SOC1/2/3. These certifications ensure strict policies related to the return, transfer, and deletion of personal information. Consequently, the adherence of DigitalOcean and AWS to these standards contributes to transparency and security, giving you peace of mind regarding the protection of your Data.
3.Safeguarding of applications
To ensure the security of production applications, our Software utilises a Continuous Integration Server that compiles and distributes the software. The server performs thorough checks on the code, including vulnerability scanning, version verification, and rigorous testing before deploying it to the targeted environment. Only when all tests pass successfully, the build is accepted and published, ensuring the reliability and integrity of the Software.
4.Threat of viruses
At Vansah , every computer has Virus Scan and Anti Spyware Enterprise antivirus software installed, which constantly protects against any malware type.
5.Threat of intrusion
In order to prevent intrusion, our Software uses a High performance Network Security Monitoring (NSM) tool that can detect and block attacks against our network.
We have developed our own signatures to detect malicious or unknown traffic including Intrusion Detection (IDS) and Intrusion Prevention (IPS) modes. Our Software also utilises Security Information and Event Management (SIEM) tools monitoring the data we collect.
6.Data Classification System
Our Software classifies data based on the following sections:
Data Type: Data can be classified into different types, such as numerical, categorical, ordinal and textual.
Data Source: Data can be classified based on its source, such as primary data (collected first hand) or secondary data (derived from primary sources or existing databases).
Data Format: Data can be classified based on its format, such as structured data, unstructured data , or semi-structured data (partially organized, e.g., XML files).
Data Domain: Data can be classified based on the domain or subject area it belongs to, such as customer data or system.
Data Accessibility: Data can be classified based on its accessibility, such as public data (available to anyone), private data (restricted access), or confidential data (highly sensitive and protected).
Data Purpose: Data can be classified based on its purpose, such as transactional data (records of application transactions), analytical data (used for analysis and insights), or operational data (used for day-to-day functions/application operations).
7.Contact Information
If you have any questions about this Information Security policy , please contact us through our support portal.