WebEngage
WebEngage
Founded in 2011
At WebEngage, the security and privacy of your data are our top priorities. We adhere to stringent global standards to protect your information at every stage. Our data handling practices include advanced encryption for data at rest and in transit, supported by fully compliant infrastructure. We conduct regular security assessments to identify and mitigate risks, continuously improving our security posture. Our Customer Data Platform (CDP) is designed with security at its core, enabling you to manage and utilize customer data securely and efficiently. With WebEngage, your data is safeguarded, allowing you to focus on enhancing customer experiences with complete peace of mind. Our unwavering commitment to data security ensures your business can operate confidently, knowing your data is safe.
Founded in 2011
Controls (64)
Here are the controls implemented at WebEngage to ensure compliance, as a part of our security program.
Product security (8)
Production System User Review
Situational Awareness For Incidents
Vulnerability Remediation Process
Centralized Management of Flaw Remediation Processes
Notification of changes
Role Based Access Controls
Audit Logging
Data Security
Data security (11)
Production Databases Access Restriction
User Privileges Reviews
User Access Reviews
Encrypting Data At Rest
Data Backups
Testing for Reliability and Integrity
Transfer of PII
Choice & Consent
Data Subject Access
Encryption in Transit
Encryption at Rest
Network security (6)
Limit Network Connections
External System Connections
Transmission Confidentiality
Anomalous Behavior
Cloud Provider Requirements
Centralized Collection of Security Event Logs
App security (5)
Conspicuous Link To Privacy Notice
Secure system modification
Approval of Changes
Unauthorized Activities
Login Sessions
Endpoint security (8)
Malicious Code Protection (Anti-Malware)
Full Device or Container-based Encryption
Endpoint Security Validation
Session Lock
Endpoints Encryption
Mobile Device Management
All WebEngage laptops are centrally managed and inventoried using ABM Controls such as:
Automatic screen lock Strong passwords Patch management Remote Wipe
Disk Encryption
Threat Detection
User laptops are running a centralized EDR client (Jamf). Loki is utilized as SIEM solution which aggregates and ingests all production-related logs.
WebEngage platform is protected by AWS for WAF and zero trust environment services.
Corporate security (26)
Roles & Responsibilities
Competency Screening
Personnel Screening
Security & Privacy Awareness
Automated Reporting
Incident Reporting Assistance
Risk Framing
Risk Assessment
Fraud
Third-Party Criticality Assessments
Assigned Cybersecurity & Privacy Responsibilities
Internal Audit using Sprinto
Periodic Review & Update of Cybersecurity & Privacy Program
Subservice organization evaluation
Subprocessor Requirements
Data Protection Impact Assessment (DPIA)
Data Protection Officer (DPO)
Testing
Customer Obligations
Retention of Policies
Chief Privacy Officer (CPO)
Privacy Act Statements
Asset Ownership Assignment
Validate Security Controls
Review of Third-Party Services
Updates During Installations / Removals
