You’ve trusted us with your personal information and we’ve built data security into our process to protect it. Our Secure Software Development Life Cycle (SSDLC) integrates a multi-disciplinary team to collaborate on security concerns throughout our entire product development cycle.
Our Network Operations Center (NOC) utilizes state-of-the-art Security Information and Event Management (SIEM) to provide 24x7 network monitoring, intrusion prevention and detection alerting. Our sites deploy firewalls and traffic monitoring to ensure the security, stability, and reliability of our network and systems.
In addition to application and network security, all devices accessing our network are managed and secured. We centrally manage, fully encrypt, and utilize anti-virus and anti-malware protections on all workstations and mobile devices., using VPNs (Virtual Private Networks) to connect offices and remote users.
WOOP offices are under continuous video surveillance, and access is controlled by programmable key fobs. Any visitors are escorted at all times by staff members. Cloud infrastructure providers are certified for SOC2 or ISO 27001:2013 compliance. All physical hosting locations provide multiple layers of security, including biometrics, physical guards, cameras, and secure equipment racks/cages.
We require annual evaluation of all third-party vendors for data security and compliance, and we perform background checks on all staff members. WOOP maintains PCI-DSS certification, and values SOC2, CCPA, and NYDFS compliance. WOOP’s information security policies and processes are managed and monitored through our centralized Governance, Risk & Compliance (GRC) platform.
Our Confidentiality & Security Team (CST) oversees WOOP’s security program. Your information must be managed and protected, and we take that seriously.