VuWall is dedicated to maintaining the highest level of security for the company, its products, and services. To achieve this, we update our solutions with the necessary security fixes and advanced features regularly. This Security Statement provides our clients, partners, suppliers, and vendors with details about our security practices and how we handle sensitive information and data in accordance with the industry’s best practices. We aim to be transparent about our approach to security to build trust and confidence in the security of our products, services, and our organization.
VuWall successfully completed its Service Organization Control (SOC) 2 Type I certification. An independent audit conducted by Strike Graph, an external auditor, confirms that VuWall´s information security practices, policies, procedures, and operations meet the SOC 2 standards for security, as developed by the American Institute of Certified Public Accountants (AICPA). The auditing process included the VuWall TRx Management platform, confirming SOC 2 compliance for this software platform.
VuWall is committed to the safety and security of its infrastructure and customer information. To ensure the highest level of protection, we have established SOC 2 as our guiding standard for managing information security. Additionally, we follow and implement controls from the NIST Cybersecurity Framework and guidelines where relevant.
Information Security Policy
VuWall’s security policies and procedures outline how the various aspects of information security are managed within the company and its subsidiaries. These policies and procedures are reviewed, audited, and updated regularly. They encompass a wide range of security topics, including general standards for employee behavior, accounts, equipment, data, and physical security. All employees are mandated to be familiar with and adhere to these policies and procedures.
VuWall is motivated by relevant statutory and regulatory requirements and industry standards. We regularly undergo third-party audits like ISO9001 and SOC 2 audits to ensure that our policies, processes, and procedures are following established standards and requirements. We are also compliant with TAA and NDAA 2019, Section 889 which is required in use of US Government related deployments.
At VuWall, we have clearly defined roles and responsibilities for information security to ensure that all personnel are aware of their responsibilities in this regard. Employees are subject to security training as part of the onboarding process. Security training is mandatory for all employees on a regular basis. We have also implemented strict access controls and physical security to our environment. VuWall has implemented disaster recovery procedures for all our critical business and operational systems. These measures help ensure that we continue to operate smoothly even in the face of unexpected challenges.
In the event of a security incident, VuWall has a documented incident response plan and procedures in place to manage the situation, including but not limited to, the products and services to our customers. Our incident response plan and procedures outline the roles and responsibilities for managing the incident, how the incident should be escalated, and who should be notified, including relevant authorities.
Our quality policy guides us to deliver the best-in-breed software and hardware products. We have a quality management system that covers the entire company and sets the standard VuWall processes for every stage of the product lifecycle, from product planning, design, development, manufacturing, sales, and customer service. The system also specifies the roles, responsibilities, and authority of those who are accountable for product quality throughout the entire process. VuWall quality management system is audited annually and certified according to ISO 9001 certification standard.
Lifecycle At VuWall, we take software security very seriously. We have developed a documented secure software development methodology to ensure that our software is safe, secure, resilient, and robust. Our secure development lifecycle includes various security practices, such as vulnerability testing, regression testing, penetration testing, and product security assessments, to ensure the security of our software.
Report a Security Vulnerability / Incident
We welcome any feedback from security researchers who want to help us improve our solutions, products, and services. If you find a security vulnerability or incident, please let us know as soon as possible so we can fix it promptly. To report a security vulnerability or incident, please follow these steps:
We will acknowledge your email within 24 hours, and we will work with you diligently to verify and resolve the issue as quickly as possible. We may ask you for additional information or clarification during this process. We will also keep you updated on the status and progress of the issue. Once the issue is resolved, we will notify you and we may ask you to confirm that the issue is no longer present.
If you have any questions about this privacy statement, the practices of our website, or your dealings with our website, you can contact us at email@example.com