Data Security, Processing & Storage

We understand your data is vitally important, so we're very protective of how it is stored, processed and kept secure.

Storing your data securely

MangoMap Limited uses third party vendors and hosting partners to provide the necessary hardware, software, networking, storage, and related technology required to run the Service. Although we own the code, databases, and all rights to the Service, you retain all rights to your User Data.

All data is written to multiple disks instantly, backed up daily, and stored in multiple locations. User Data uploaded to the Service is stored on servers that use modern techniques to remove bottlenecks and points of failure. User Data will not be used by MangoMap Limited, its staff or representatives, or shared with any third parties except as outlined in the Privacy Policy.

Amazon Web Services

We read and then store your data on our servers. For data storage we use Amazon Web Services ("AWS") and is protected by Amazon's security and environmental controls with AES-256, block-level storage encryption at both transit and rest.

Physical Security

  • Data center access limited to Amazon AWS data center technicians
  • Biometric scanning for controlled data center access
  • Security camera monitoring at all data center locations
  • 24/7 onsite staff provides additional protection against unauthorized entry
  • Unmarked facilities to help maintain low profile
  • Physical security audited by an independent firm

System Security

  • System installation using hardened, patched OS
  • System patching configured by Amazon AWS to provide ongoing protection from exploits
  • Dedicated firewall and VPN services to help block unauthorized system access
  • Data protection with Amazon AWS managed backup solutions
  • Dedicated intrusion detection devices to provide an additional layer of protection against unauthorized system access
  • Risk assessment and security consultation by Amazon AWS professional services teams

Operational Security

  • ISO 27001:2013-based policies and procedures, regularly reviewed as part of the Amazon AWS SAS70 Type II audit process
  • Systems access logged and tracked for auditing purposes
  • Secure document-destruction policies for all sensitive information
  • Fully documented change-management procedures
  • Independently audited disaster recovery and business continuity plans in place for Amazon AWS headquarters and support services

More on Amazon AWS security can be found here and here.

Internal Security Practices

Key Management

Mango maintains a strict policy for assigning and distributing keys which may access any production or development systems.

  • Master access keys are never distributed to any employees
  • Access keys are never stored in any version control system
  • Access keys are never stored anywhere as plaintext
  • Individual access keys are generated per employee with developer only access

Secure Workstations

  • All company workstations and laptops use encryption for storing of any potentially sensitive data
  • All company workstations and laptops use anti-malware and antivirus software
  • All client data is always anonymized for development purposes

Employee Awareness

  • All Mango employees have been instructed on best practice security standards
  • Mango employees are granted granular role access to resources
  • Any employee access to sensitive data is tracked and monitored
  • Developers only work with anonymized data

Employee access

No employee of the Service have access to private repositories of User Data unless required and with consent of an authorized Account holder in the pursuit of technical support. Staff working directly in the file store access a compressed database.

Our Support staff may log into your account to access settings related to your support issue. When working a support issue we do our best to respect your privacy as much as practicable, accessing only the files and settings needed to resolve your issue.

Data Loss / Security Breach

In the event of a loss of data or potential security breach, you will be contacted immediately and be kept updated in real-time as we assess the situation. We will quickly take any measures necessary to secure and recover your data. A full incident report will be made available by us should any incidents occur.

Changes to this policy

Mango may periodically update this policy. We will notify you about significant changes in the way we treat personal information by sending a notice to the primary email address specified in your Mango primary account holder account or by placing a prominent notice on our site.

Have a question, concern, or comment about Mango security?

Need to report something