Versions Compared

Old Version 19

changes.mady.by.user Ksenia Babych

Saved on

compared with

New Version 20

changes.mady.by.user Ksenia Babych

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.



Html
<div id="fb-root"></div>
<script>(function(d, s, id) {
  var js, fjs = d.getElementsByTagName(s)[0];
  if (d.getElementById(id)) return;
  js = d.createElement(s); js.id = id;
  js.src = 'https://connect.facebook.net/en_US/sdk.js#xfbml=1&version=v2.11';
  fjs.parentNode.insertBefore(js, fjs);
}(document, 'script', 'facebook-jssdk'));</script>

...

Info

This document provides information on built-in security features of the Wildix system, ISO compliance and GDPR.

Updated: August 2021

Permalink: https://confluence.wildix.com/x/QgBuAQ

Security is a top priority for Wildix and all the security features are built-in inside the product, which means the Wildix System is Secure By Design and security is not delegated to third party devices.

...

QuestionsAnswers
What method is used to secure archive historic material and data?

Automatic backups configuration.

Note: Consult WMS Start Guide for details.

How the system is restored (either from backup or a rebuild  from scratch) to a known working  state?
  • Possible restoration in other system with backup file
  • Possible failover 
What is the backup retention period?

Two weeks for a snapshot, the snapshots are scheduled weekly on Sunday evenings. 

PBX configuration backups can be taken daily / weekly / monthly from the PBX’s WMS interface.

Is there a testing processed for backups? How often do you test the restoration process?

Configuration backups can be restored through the WMS interface, these are tested regularly. 

A snapshot backup can also be restored through a request in critical instances via our SRE team.

How do you secure against:

  • Power outage
  • Single points of failure
  • Unavailability of critical staff
  • Unsatisfactory maintenance of equipment
  • Failure of equipment/  software

Wildix advices to activate warranty.Details: https://www.wildix.com/ warranty-activation/.



Data Privacy

QuestionsAnswers

What data does the system store?

Chat history and calls stats inCDR-View.
What User Generated Content does the system collect and/ or host?
  • Chat and calls history
  • Possibility for user to add contacts in phonebooks

Note: Chat, calls or phonebooksmodification can be forbidden by ACLrules.

What security measures are in place to protect the data?

Encryption at rest is implemented with a separate key for each single tenant. It encrypts Block Object Storage. This means data could not be used in the case of someone having access to the Storage with elevated permissions.

What are the data retention time limits implemented by  Wildix with regards to personal data at stake?

The maximum retention period of any client system operational activity data that may contain personal information is 2 months. At the same time, we make every reasonable effort to clean up the data we are storing.

An exception is financial/billing data stored in a period according to the legal issues of the company's residential country.

How is the data archived and where? As the retention period of operational data is only 2 months, we don't archive it, using sharding to ensure integrity and fault tolerance.
How the data is destroyed when no longer needed and what data retention periods areobserved?
  • Data can be destroyed whenneeded
  • Possible to remove data every months...
Do you have any modus operandi? 

No, but we use OWASP procedures as an approach to describe threat agents in threat modeling and risk rating procedures.

There are these procedures:

...