-
- Security
To protect our applications, infrastructure, and the data of our users and website visitors, we employ stringent security measures at the organizational, architectural, and operational levels. At AutoBoro, we do everything possible to promote security awareness, provide data protection training, and implement best practices so our employees keep security principles and data privacy in mind. We consider information security regulations in the design of our marketing platform, network management, and day-to-day business operations.
At AutoBoro, we have governed employee activities by executing a data privacy policy. We provide training to our employees on such policies when onboarding them and thereon. Furthermore, AutoBoro depends on its IT team to execute these policies by enforcing technical controls.
AutoBoro conducts an information security risk assessment covering its facilities, systems, and information assets each year. By implementing policies, procedures, and controls, AutoBoro minimizes security risks. Senior management is provided with the results of risk assessments and suggestions for risk mitigation as appropriate. The results of our risk assessment suggest improvements to AutoBoro, its customers, and its website visitors to reduce security vulnerabilities and threats.
Our company uses cutting-edge endpoint security protections, intrusion detection systems, and advanced email protections to monitor our systems and prevent potentially harmful security incidents. AutoBoro uses the latest and advanced anti-malware tools to address malicious activities and other threats. The tools that prevent malware from being installed are centrally managed and updated regularly. They notify operations analysts as soon as malware is detected.
By implementing a vulnerability management program, AutoBoro is able to identify and address vulnerabilities across our network, increasing security and reducing exposure.
Using user accounts with appropriate privileges, AutoBoro provides access to our systems using identity and access management controls. We use the least privilege principle for access to critical networks and applications at AutoBoro. Only authorized employees have access to important administrative functions. Access levels and approvals must be documented when provisioning and de-provisioning critical systems and data. Risk-based access reviews are conducted periodically for critical systems and applications.
Our critical business applications are integrated with a single sign-on platform provider for identity management. AutoBoro’s identity management platform enforces the two-factor authentication policy. The unique IDs we assign our users and the password requirements we enforce conform to NIST standards, at the very least.
AutoBoro protects its data very thoughtfully and carefully. Position-based access control secures the database, and two-factor authentication is implemented on login. Recognized encryption protocols encrypt data at rest and in transit at AutoBoro.
Our Data Security Policy adheres to all applicable privacy laws and regulations, including the EU’s GDPR, California’s CCPA, and PCI DSS. AutoBoro has enforced regimes to achieve better and maintain compliance with these frameworks. Please visit our privacy policy to learn more about data privacy practices.
At AutoBoro, we regularly provide Data Privacy and Security training to our employees at onboarding and later on. Moreover, the information security team shares tips and regular updates via internal channels.
AutoBoro tests its platform both internally and externally. We have engaged a security expert to conduct external penetration testing of our network and web applications on a periodic basis. Our bug bounty program has also been hosted on a third-party platform, enabling security researchers to report vulnerabilities and bugs in AutoBoro's systems and platforms. As part of our change management process, AutoBoro reviews, tests, and approves changes to services that affect our customers and us. Before critical changes are released into production, they are reviewed, tested, and approved. Using AutoBoro's change management process, we aim to prevent unintended changes affecting our production environment.
