1. CONFIDENTIALITY

Employees are guided by a secure table policy and are familiar with signing requirements for data security. Also, all employees have signed confidential information storage contracts, which impose penalties for non-compliance.

2. EMPLOYEES

Employees are introduced to the importance of data security, rules and responsibilities assigned to them to ensure the protection of data (including personal). Executions of special social engineering attacks help to scrutinize employees’ awareness and, at the same time, train them to identify possible threats of security breach. There is also an employee responsible for data protection in the organization, dissemination of knowledge, and the enforcement of the requirements of the General Data Protection Regulation (“GDPR”) and the ongoing monitoring.

3. PROCESS CONTROL

A management system has been prepared and implemented to help manage data protection, prevent potentially threatening activities, minimizing the likelihood and impact of negative incidents and risks. The responsibilities, powers and commitments of employees are set out in process descriptions, procedures and instructions. The processing of personal data for specified purposes is carried out in accordance with the established procedures.

4. LEGISLATION

Compliance with the laws and regulations of United Kingdom, as well as agreements between JSC Teamgate and customers, suppliers/ subcontractors and partners.

5. INFORMATION SYSTEMS ARE USED

The information systems necessary for the organization’s activities (hereinafter referred to as the “IS”) are evaluating the impact of data protection on the requirements of the GDPR. Access to data stored in the IS is controlled through consumer rights. Only certified software is used, which is updated in accordance with the established procedure.

6. ACCESS/ ENTRANCE CONTROL

Employees provide services from Teamgate’s premises, access to which is secured through the passage control system.

7. WORKPLACE SAFETY

All computer hosts are protected against viruses and malware. Workplace computer software is updated at least once a week, and critical updates are deployed immediately. Workers’ computers work as ordinary users, i.e. they has no administrator rights.

8. PREVENTING EXTERNAL INTRUSION

The levels of external protection are used with the help of known manufacturers for breaking intrusion prevention solutions. The network’s perimeter is protected by the next-generation firewall (NGFW), with its manufacturer’s constantly updated burst-detection analytics. The network infrastructure is duplicated, its maintenance is carried out in 24×7 mode. All security incidents are processed under a security assurance process that is constantly being improved, and systems are updated and maintained in accordance with manufacturers’ requirements.

9. DATA CENTERS

Our hosting architecture is exclusively concentrated in AWS data centers, renowned for their stringent security, performance, and reliability standards. All customer data is securely stored in these facilities, adhering to a comprehensive array of certifications, compliances, and laws.

A strictly limited number of security-cleared employees have access permission to data centers along with the data stored within the databases. Each and every security event, or security trigger, are logged, monitored and analysed.

11. DATA BACKUP

All Teamgate accounts are synchronized in real time across multiple servers. In the event of a single server malfunction traffic is automatically rerouted to another separate server, ensuring non-disruption and continuous access to files, accounts and data. Over the past several years Teamgate have consistently achieved uptime of over 99 % as a standard, which guarantees user security and unlimited access to sales, files, communication history and all vital information and data. Data backups are performed daily – once or twice a day, depending on the chosen subscribed account plan. All data backups are stored for a minimum of one week, so that even in the unlikely event of a complete data loss, restoration is possible.

12. PASSWORD MANAGEMENT

Teamgate employee is given a unique login and password for joining the Blue Bridge Group. Employees must keep the access information provided and not disclose it to third parties. The login details are required to access the IT systems or other computer hardware, media, documents, etc. At all Teamgate users computerized workplaces (hereinafter referred to as “CWs”) have enabled and operate centralized security group policy (using Active Directory), including employee access authentication (passwords) policies. Notebook PC internal data logger is fully encrypted. When employees do not use the computer for more than 15 minutes, it automatically locks their account.

13. CUSTOMER PASSWORD MANAGEMENT

Customers connect to their Teamgate accounts with passwords. Customers have the option to create a password in accordance with the rules, or to initiate a password generation.

14. JOINING A CLIENT ACCOUNT

Teamgate’s responsible staff will then ask if the client agrees to join the client account, advising or solving incidents, changes (errors) before joining.

15. AUTHENTICATION AND ACCESS CONTROL

Every Teamgate user has their own unique login details, consisting of an email address and secure password. The password is checked according to password security policy standards and protected using advanced coding algorithms. Teamgate users also have the opportunity to authenticate their access via third party services, such as: Google and LinkedIn. The Teamgate account administrator manages and controls separate user permissions, by defining and allocating specific roles. All of the information kept in the specific Teamgate account can be accessed only by users assigned to that specific account.

16. CASE ACCOUNTING

All client applications are registered in a centralized system. Login to the system is password managed. In the system there are managing of incidents, changes (errors) and consultations.

17. PAYMENT INFORMATION PROTECTION

Information about the credit card you enter into Teamgate is transmitted directly to a Certified Payment System Provider and is not at all protected.

18. SYSTEM SECURITY ASSURANCE PROCESS

A complete security requirement process cycle is fully integrated into the Teamgate software development and deployment cycle, which includes:

• Internal security requirements and policies are set, along with “best practice” examples which are applied during every step of the product’s lifecycle.
• Rigorous security maintenance during architecture, functionality design and development stages.
• To assure secure, optimal, and tidy programming code, iterative manual and automated (using static code analyzer) source code analysis is being regularly performed.
• Depending on job roles and responsibilities, the IT team periodically attends security training and knowledge-building workshops.

19. USER ACTIVITY MONITORING

Teamgate gives an opportunity to receive reports with all authentication events. In case of unauthorized login to the account, Teamgate security team member or account manager can interrupt activity by disconnecting from the account.

20. MOBILE APPLICATION

Teamgate gives an optional access to your account data through Android and iOS applications, which inherit a complete security requirements from a web application.

21. ACCOUNT AND CONTENT RECOVERY

Teamgate offers secure data recovery option in case of accidental data deletion. If user is deleted by mistake, it is possible to reverse deletion, if you contact our support team no later than after 7 days from an accident.

30. REGULAR UPDATES AND CHANGE MANAGEMENT

Regular internal security audits enable to identify outdated systems and third party services. Based on internal change management regulations, Teamgate periodically updates the operating system, software, systems, and the code library, all of which are a part of the intrinsic infrastructure.

31. SYSTEM INTEGRITY PROTECTION

By means of operation-systems-based, and custom integrity check services, cohesion of all critical files and system objects is continuously ensured. A rapid response to any potential unauthorised compromisation of the system assures that our customers and users are continuously engaged with the authentic version of all application services.