Privacy and Security

At HotWax Commerce, we prioritize the security, privacy, and reliability of our customers' data. 

Privacy and Security

 

At HotWax Commerce, we prioritize the security, privacy, and reliability of our customers' data. 

Physical Security

Data Centre Security

Data Center Security

HotWax Commerce leverages Amazon Web Services (AWS) in the United States for data hosting, ensuring that your data resides in secure, high-performance servers. AWS data centers comply with stringent physical security standards and are regularly audited to meet ISO/IEC 27001 and SOC 2 requirements. HotWax’s alignment with AWS’s SOC 2 compliance guarantees data center security as part of our infrastructure.

Office Security

Office Security

Our offices maintain strict access control policies. Entry is monitored by reception staff, who also manage visitor registration and escorting. Premises entry is authenticated using a combination of physical security services and a digital system, such as a punch-in/out machine, ensuring secure login for employees.

Certain areas within the office are secured with locked zones, and server rooms are accessible only through an automated locking system, limiting access to authorized individuals. These measures ensure a secure working environment and protect sensitive areas.

Network Security

Network  Security

HotWax Commerce platform operates within a highly controlled network environment. All customer data is stored in private environments inaccessible to external parties. A bastion machine serves as the single, secure entry point to access private systems. This machine is configured to allow connections only from specific IP addresses and is accessible exclusively to authorized users using key-based authentication. Comprehensive session tracking ensures accountability by recording login activities and monitoring user actions.

The bastion machine also features robust security groups to tightly control access permissions. This setup ensures that only users with explicit authorization can interact with the private environment, safeguarding sensitive data.

 

 

Platform Security

Platform  Security

HotWax Commerce implements a multi-layered approach to secure its platform and protect user data. Our cloud-based platform ensures end-to-end encryption through HTTPS/TLS 1.2 standards, safeguarding data both in transit and at rest. Firewalls and Web Application Firewalls (WAF) actively control and monitor access, filtering out malicious traffic and mitigating unauthorized activities.

Access control is strictly enforced through role-based permissions, allowing different access levels for administrators and regular users. Single Sign-On (SSO) streamlines secure login processes while maintaining tight control over access permissions. Additionally, Two-Factor Authentication (2FA) is implemented across all application levels, ensuring that only authorized users can log in based on their assigned roles.

To maintain platform integrity, HotWax Commerce conducts quarterly penetration tests and regular vulnerability assessments. Any identified risks are promptly addressed, ensuring a secure environment for all users.

Data Backup and Disaster Recovery

Data Backup

HotWax Commerce implements a two-fold strategy to ensure uninterrupted service and data accessibility, even in adverse conditions. This approach combines real-time data replicas, automated daily backups, and manual backups to maintain data integrity and minimize downtime.

Real-time Data Replicas

We maintain real-time replicas of data to support disaster recovery efforts. These replicas provide immediate availability,  allowing the system to continue functioning seamlessly during unexpected events.

Automated Daily Backups

Daily automated backups are conducted at scheduled intervals and securely stored in isolated environments, ensuring efficient recovery in case of disruptions.

This two-fold strategy is further strengthened by geo redundancy, with resources distributed across separate environments in the East and West regions. This design ensures resilience and operational continuity, even in the face of significant disruptions.

Employee Training and Operational Security

Employee Training

HotWax Commerce fosters a culture of security awareness among its employees. Regular training sessions educate team members on best practices, emerging threats, and the importance of data protection. All employees sign Non-Disclosure Agreements (NDAs) as part of their onboarding process and undergo background checks to ensure integrity and accountability. These measures reinforce our commitment to maintaining the highest standards of data security.

HotWax Commerce’s operations are guided by well-documented policies and procedures designed to uphold security and efficiency. These policies cover change management, incident response, and regular audits, ensuring that all operational activities align with industry standards and customer expectations. 

Operational Security

Operational Security

HotWax Commerce’s operations are guided by well-documented policies and procedures designed to uphold security and efficiency. These policies cover change management, incident response, and regular audits, ensuring that all operational activities align with industry standards and customer expectations.

Compliance and Certifications

We are continuously committed to upholding industry standards and securing independent verification for our platform’s security and compliance controls.

dataPrivacy

Your Data, Protected

 

At HotWax Commerce, we understand the importance of trust. By combining robust security practices with a proactive approach to compliance and operational resilience, we deliver a platform you can rely on to safeguard your business data.

Want to Know More?

If you have additional questions about our privacy and security practices, please reach out to our team at info@hotwax.co. We’re here to address any concerns and provide further details on how we safeguard your data.

Start your Omnichannel Transformation

Frequently Asked Questions: