Data Security & Privacy
A+ Security Rating
Walkingspree Data Privacy and Security Overview
Walkingspree has implemented industry-standard compliant information security practices that wholly safeguard Walkingspree’s environment to ensure the security of Walkingspree data, client data, and member data.
Data Security Protocols and Policy
At Walkingspree data security is core to our DNA.
Data Privacy
Walkingspree regularly reviews internal data collection, storage, and handling processes in compliance with the EU’s Data Protection Regulation (GDPR), the Health Insurance Portability and Accountability Act (HIPAA), and the California Consumer Privacy Act of 2018 (CCPA).
Walkingspree will only use customer data for terms outlined in the agreement formed and will not disclose customer data with any third-parties.
Data Encryption
Walkingspree encrypts all data it possesses.
Data-At-Rest - All Walkingspree data is encrypted with industry-standard AES-256 encryption algorithm.
Data-In-Transit -All data in transit is encrypted using the latest stable version of SSL protocol, ensuring that it constantly evolves against attacks.
Data Disposal
Upon reaching the end of an agreement or business relationship, Walkingspree will return or dispose of data as instructed.
Either Return - Data will be returned in perfect condition with no changes having been made except those approved by the vendor in question.
Or Disposal - Data will be totally and securely disposed of on all Walkingspree equipment and platforms.
Updates
Hardware - Walkingspree regularly tracks and replaces hardware that is deemed to be faulty or non-functional.
Software - Walkingspree frequently checks and updates software to ensure that it works as intended.
SFTP
Walkingspree uses Secure File Transfer Protocol and checks periodically to ensure that data is secure.
Endpoint Security
Walkingspree uses ESET security solutions to ensure all endpoints are managed, up-to-date and protected from malware, ransomware, web threats, intrusion, phishing, spam, and network attacks.
Incident Response
Walkingspree possesses a program plan that detects and responds immediately to data breaches. The programs include identification, containment, mitigation, and remediation of any incident and immediate notification to vendors.
Walkingspree also meets all Federal and State requirements for data breach notification and handling and will cooperate with involved clients and partners. Walkingspree has committed to making sure that in the case of an emergency, we will be able to cooperate with the affected customers to deal with the problem quickly and efficiently.
Access Control
Walkingspree has set up “need-to-know” based access controls via unique user identification, dual-factor authentication, and central management to ensure the least amount of necessary data is provided to complete included jobs.
Vulnerability Assessment
Walkingspree has continuous vulnerability scanners that identify and remedy critical network, server, database, and application code vulnerabilities.
Security Awareness
Walkingspree maintains security awareness across all of its policies and employees.
Walkingspree has policies that document IT Security Practices and Procedures.
Walkingspree has trained and provided awareness to all employees regarding IT security and all of them have signed confidentiality agreements regarding secure data.
Walkingspree employees all undergo formal security clearance review that includes background and criminal record checks.
Disaster Recovery/Backup
Walkingspree maintains disaster recovery procedures that follow the written disaster recovery plan and ensure the safety of all client and member data.
Testing - Disaster Testing is performed annually, including the testing of hardware, installation, operation of all WS programs, use and processing of vendor data, telecommunication facilities, and back-up equipment.
Walkingspree employs Nessus penetration testing regularly and immediately reports and corrects any detected vulnerabilities.
Data Backups - Walkingspree performs regular and long-term back-ups of vendor data to ensure security.
Incident Response
Walkingspree possesses a program plan that detects and responds immediately to data breaches. The programs include identification, containment, mitigation, and remediation of any incident and immediate notification to vendors.
Walkingspree also meets all Federal and State requirements for data breach notification and handling and will cooperate with involved clients and partners. Walkingspree has committed to making sure that in the case of an emergency, we will be able to cooperate with the affected customers to deal with the problem quickly and efficiently.
Security Audits
Walkingspree will acquiesce to audits from vendors and their third-party designees, answer relevant security questionnaires, conduct scans and reports of servers, databases, and hardware.
Software Lifecycle
Walkingspree looks for vulnerabilities throughout all the stages of the Software Lifecycle. Walkingspree maintains strict and secure coding practices throughout development and ensures all software has undergone routine security testing.
Security Framework
Walkingspree uses commercial hosting providers to host the SaaS Environment. Walkingspree will only use hosting providers that meet industry-standard security requirements and undergo independent assessments of their security procedures such as Service Organization Control (SOC) audits, SSAE 18 audits, and/or ISO certifications.