At Wonda VR, employee accounts are managed by an admin who is the most senior person that is responsible for using the service.
Upon joining the company, a Google Apps for Business email account is created for the new employee by an admin. Then all other accounts are created using this email address.
When an employee leaves the company, their access to their Google Apps account is revoked then their accounts in other services is revoked by admins. This includes their access to any developer accounts and any access to our information systems.
When an admin leaves the company, a new admin is assigned to the service then the account of the leaving employee is revoked.
Information systems access control policy
At Wonda VR, we don’t operate our own data center but create our infrastructure and information systems at providers such as Amazon Web Services. These providers offer industry established mechanisms for access control including:
- Admin account support to manage other user accounts
- API or Access Keys that can be revoked when they are no longer needed.
Also, as mentioned in the accounts management paragraph, when an employee no longer needed access, or when they leave the company, their access is revoked.
Password management program
We use Dashlane to securely manage our passwords.
Dashlane is an enterprise-level password manager that enables employees to:
- Generate unique strong passwords for each site or service
- Easily use these passwords when required in order to reduce the friction to adopt strong passwords (dedicated mobile apps, auto-login and auto-fill features, …)
- Separate personal and work accounts and passwords
Dashlane also offers a range of features that improve the security at the company level:
- Remote deprovisioning of employees accounts when they leave the company.
- Sharing passwords securely between team members with the possibility to revoke them.
- Monitor the team security score with tips on how to improve it.
Operations Security Overview
The infrastructure used by Wonda VR Studio, Wonda VR web player and Wonda VR mobile apps is hosted at Amazon Web Services (AWS) where we only use managed services such as DynamoDB, API Gateway, Lambda Functions and Elastic Video Transcoder. Since these services are managed by AWS, they fully benefit from the security they apply to their data center as documented in the paragraph “AWS Security Responsibilities” in the document “Amazon Web Services: Overview of Security Processes”.
What kind of privacy and security policy do you provide for my projects?
Upload and Download are done with the https protocol on the port 80. We use Amazon Web Services S3 to host your content. Our servers generate a temporary unique signed url that is used to securely upload files to S3. More information about this process here.
Content synced with your solution is similar to unlisted content on Youtube. So If you don't share the deep link or QR code of your project nobody else than you will have access to it. Note that we don't share your project with any other third party solution.