We take security seriously at Wipster. Your content is your content and we help you keep it that way.
What we do
Your data is 256-bit HTTPS encrypted in transit (when people access it) and at rest (when it sits unaccessed), across the whole platform.
We have an “A” rating according to Qualys SSL Labs, which covers data in transit.
We use one-way password hashing for local Wipster accounts
Enterprise SSO support is available for a wide array of identity providers (via Auth0)
Our Development, IT, and Operations teams have ongoing security training, based on the OWASP Top 10 security practices. All staff are briefed on their responsibilities with respect to security
We’ve built a fault-tolerant platform with demand-based auto-scaling and geographic redundancy. This is backed with 24x7 support for both the Azure platform and the Wipster application.
Our custom firewalls allow access only to traffic we expect, and our platform is protected by built-in Azure safeguards (see Azure Network Security).
Private by default
Wipster is a private content platform. Your content is only available to who you decide is on your team and who you share it with. It will not be used for anything except the explicit purpose of your use of the Wipster platform.
If you choose to delete content from Wipster, it is fully and permanently deleted. We do not retain backup copies after deletion.
No financial or credit card information is stored on the Wipster platform
Trusted, compliant cloud provider
Microsoft Azure is the cloud provider with the most certifications, such as ISO 27001, HIPAA, SOC 1 and SOC 2 (see Azure Trust Center)
Automated application scanning
Assessing and protecting from vulnerabilities is an ongoing process. Application scans are run regularly and any issues are addressed immediately.