General Security at Realizer
What are Realizer’s security policies?
At Realizer, we define internal policies governing to manage and protect customer data, production systems and manage (prevent, detect, respond and learn from) security issues. We also use security best practices in the technical architecture of our product itself via stateless sessions, TLS, Encryption and Token-based authentication. Periodic reviews are undertaken to review policies and further improve our security posture.
We follow the security policies of GDPR to ensure the safety of our users.
How does Realizer manage security operations?
To ensure the safety and security of our users, Realizer believes that preventions are better than troubleshooting for a solution. We hold the confidentiality and privacy of our users at high regard.
- Operations - Realizer provides strong security features in our data and platform management systems. Subscribers and users of Realizer may view our terms and conditions for additional information.
- E-signatures will encrypted and modifications will be recorded.
- Users can report any misuse or violations of REALIZER’s Terms and Conditions and request for additional documentation needed for legal actions.
- Maintenance - Key maintenance and monitoring tasks are required to maintain security protection.
- AWS (Cloud Key/ Bug Bounty) for hacking prevention
- All confidential information will only be accessed internally by the designated REALIZER team for auditing and maintenance purposes ONLY.
- Terms and Conditions for privacy, confidentiality and usage of REALIZER must be agreed and upheld by all users.
- (Additional) End-to-end encryption can be added as an advanced tool.
- Prevention - Security features strongly in our quality standards for software development and is woven into our approaches for building and testing software throughout its development. We also perform period security reviews and penetration testing with subsequent action to protect from vulnerabilities.
- Realizer will take strong security measures on our users’ data as follows:
- Hacking Prevention: prevention through AWS( Cloud Key/ Bug Bounty)
- Internal: only developers have access during auditing for maintenance and administration.
How does Realizer manage security incidents?
Realizer team has a permanent infrastructure team responding to production incidents related to security or reliability in general. Our incident management includes best practices such as:
- Observability to assist with detection and diagnosis of issues.
- Internal escalation to troubleshoot and resolve incidents in a timely manner.
- Post incident reviews and actions to prevent reoccurrence.
Who is responsible for investigating security incidents at Realizer?
Realizer has a team of engineers on-rotation to investigate, troubleshoot and review all security incidents to protect the intellectual property of our users.
How and when does Realizer communicate to customers about security breaches?
Realizer actively communicates to customers when providing technical support and if particular customers are impacted by a severe incident, security or otherwise.
The timing of communications is a best-efforts basis and can be affected by impact and root-cause analysis.
Who do customers contact if they become aware of a security breach?