the-mapworks-trademark-artboard-2security-policy2

Consultant?

Service Provider?

If you’re managing data for multiple clients, MapWorks is the perfect solution.

Security Standards

The IT infrastructure utilized by The MapWorks, Inc. is designed and managed in alignment with security best practices and a variety of IT security standards, including:

• SOC 1/SSAE 16/ISAE 3402 (formerly SAS 70)

• SOC 2

• SOC 3

• FISMA, DIACAP, and FedRAMP

• DOD CSM Levels 1-5

• PCI DSS Level 1

• ISO 9001 / ISO 27001

• ITAR

• FIPS 140-2

• MTCS Level 3

Physical Security

The data centers utilized by The MapWorks, Inc. are state of the art, utilizing innovative architectural and engineering approaches.  The data centers are housed in nondescript facilities. Physical access is strictly controlled both at the perimeter and at building ingress points by professional security staff utilizing video surveillance, intrusion detection systems, and other electronic means. Authorized staff must pass two-factor authentication a minimum of two times to access data center floors. All visitors and contractors are required to present identification and are signed in and continually escorted by authorized staff.

Storage and Back-up

All of your data is immediately written to our databases as you enter it.  Our web and database servers utilize RAID methods to store your data across multiple hard-drives.  All site data, including configuration settings, is backed-up every day. 

Secure Data Entry

All data you enter into MapWorks is encrypted and sent via HTTPS.  Our active databases aren’t encrypted (because you are accessing them), but our backups are.

Maintenance and Security Patches

We update our infrastructure often with the latest security patches. Our systems are locked down with firewalls and are carefully monitored.

Billing and Credit Card Data

We started out in banking, and we know about securing personal, financial information.  Credit card transactions are processed by our provider using secure encryption.  Billing names and addresses, together with card information is transmitted, stored, and processed securely on a PCI-Compliant network.

As always, we want to make sure things are clear and simple.  If you have questions about any of our terms or policies, please drop us a line at answers@themapworks.com