When our clients decide to use DriveWatcher it is because they are highly convinced that it is not an intrusive tool. After all, we respect user’s information and we limit ourselves to storing just the necessary information to configure the use of the platform.
In this article, we will tell you some key points of our security and data protection policy. The reasons why more and more companies trust DriveWatcher as their notification manager.
Log in
DriveWatcher uses the Google account login, which uses the OAuth2 flow, so we don’t do any password management. By using this system, we automatically apply all the Google security, such as 2-step verification and control of the devices from which you log in.
Documents
All documents are stored in users’ Google Drive domain. As a result, all the files that are managed in DriveWatcher are automatically segregated, since they are stored in different Google domains.
DriveWatcher does not have access to user documents. It uses the user’s permissions to perform operations on them, so there cannot be any unauthorized access to your information.
Payment information
Information on the payment methods used by DriveWatcher users is stored in the well-known Addon Payments, a service that complies with the highest level of PCI regulations. This guarantees that users can make their purchases safely and that their credit card information is protected against fraud.
Infrastructure
DriveWatcher is hosted on Google Cloud Platform, and specifically on the Google App Engine service. This is one of the safest platforms as a service on the market, with certifications such as SOC2, SOC3, ISO 27001, ISO 27017, ISO 27018, FedRamp ATO, and PCI DSS.
Data transfer
All information transferred to and from DriveWatcher is encrypted by industry-standard protocols such as SSL / TLS. DriveWatcher front ends are managed by Google App Engine, which provides highly secure web servers, which are regularly updated against any detected vulnerabilities.
Since Metadrive is hosted on Google Cloud Platform, the information exchanged between the application and Google Drive is transferred via Google’s private network.
Internal politics
At Evebytes, developers of DriveWatcher and other information management tools, our internal policy is «cloud-only”. This way, we make sure that everyone can work from anywhere, and any incident (such as device loss) does not impact the continuity of our business operations.