Data Security & Privacy

A+ Security Rating

drata badge
Data Security & Privacy
Walkingspree Data Privacy and Security Overview

Walkingspree has implemented industry-standard compliant information security practices that wholly safeguard Walkingspree’s environment to ensure the security of Walkingspree data, client data, and member data.

security-shield-storage-computer

Data Security Protocols and Policy​

At Walkingspree data security is core to our DNA.

protected computer security icon

Data Privacy


Walkingspree regularly reviews internal data collection, storage, and handling processes in compliance with the EU’s Data Protection Regulation (GDPR), the Health Insurance Portability and Accountability Act (HIPAA), and the California Consumer Privacy Act of 2018 (CCPA).

Walkingspree will only use customer data for terms outlined in the agreement formed and will not disclose customer data with any third-parties.

Data Encryption

Walkingspree encrypts all data it possesses.
Data-At-Rest - All Walkingspree data is encrypted with industry-standard AES-256 encryption algorithm.

Data-In-Transit -All data in transit is encrypted using the latest stable version of SSL protocol, ensuring that it constantly evolves against attacks.

computer icon

Data Disposal


Upon reaching the end of an agreement or business relationship, Walkingspree will return or dispose of data as instructed.

Either Return - Data will be returned in perfect condition with no changes having been made except those approved by the vendor in question.

Or Disposal - Data will be totally and securely disposed of on all Walkingspree equipment and platforms.

mainframe

Updates

Hardware - Walkingspree regularly tracks and replaces hardware that is deemed to be faulty or non-functional.

Software - Walkingspree frequently checks and updates software to ensure that it works as intended.

folders icon

SFTP

Walkingspree uses Secure File Transfer Protocol and checks periodically to ensure that data is secure.

security shield

Endpoint Security

Walkingspree uses ESET security solutions to ensure all endpoints are managed, up-to-date and protected from malware, ransomware, web threats, intrusion, phishing, spam, and network attacks.

Incident Response

Walkingspree possesses a program plan that detects and responds immediately to data breaches. The programs include identification, containment, mitigation, and remediation of any incident and immediate notification to vendors.

Walkingspree also meets all Federal and State requirements for data breach notification and handling and will cooperate with involved clients and partners. Walkingspree has committed to making sure that in the case of an emergency, we will be able to cooperate with the affected customers to deal with the problem quickly and efficiently.

shield protect icon

Access Control

Walkingspree has set up “need-to-know” based access controls via unique user identification, dual-factor authentication, and central management to ensure the least amount of necessary data is provided to complete included jobs.

caution computer icon

Vulnerability Assessment

Walkingspree has continuous vulnerability scanners that identify and remedy critical network, server, database, and application code vulnerabilities.

shield protect icon

Security Awareness

Walkingspree maintains security awareness across all of its policies and employees.
Walkingspree has policies that document IT Security Practices and Procedures.

Walkingspree has trained and provided awareness to all employees regarding IT security and all of them have signed confidentiality agreements regarding secure data.

Walkingspree employees all undergo formal security clearance review that includes background and criminal record checks.

folders icon

Disaster Recovery/Backup

Walkingspree maintains disaster recovery procedures that follow the written disaster recovery plan and ensure the safety of all client and member data.

Testing - Disaster Testing is performed annually, including the testing of hardware, installation, operation of all WS programs, use and processing of vendor data, telecommunication facilities, and back-up equipment.

Walkingspree employs Nessus penetration testing regularly and immediately reports and corrects any detected vulnerabilities.

Data Backups - Walkingspree performs regular and long-term back-ups of vendor data to ensure security.

fixing icon

Incident Response


Walkingspree possesses a program plan that detects and responds immediately to data breaches. The programs include identification, containment, mitigation, and remediation of any incident and immediate notification to vendors.

Walkingspree also meets all Federal and State requirements for data breach notification and handling and will cooperate with involved clients and partners. Walkingspree has committed to making sure that in the case of an emergency, we will be able to cooperate with the affected customers to deal with the problem quickly and efficiently.

shield protect icon

Security Audits

Walkingspree will acquiesce to audits from vendors and their third-party designees, answer relevant security questionnaires, conduct scans and reports of servers, databases, and hardware.

computer icon

Software Lifecycle

Walkingspree looks for vulnerabilities throughout all the stages of the Software Lifecycle. Walkingspree maintains strict and secure coding practices throughout development and ensures all software has undergone routine security testing.

computer icon

Security Framework

Walkingspree uses commercial hosting providers to host the SaaS Environment. Walkingspree will only use hosting providers that meet industry-standard security requirements and undergo independent assessments of their security procedures such as Service Organization Control (SOC) audits, SSAE 18 audits, and/or ISO certifications.