Security is at the heart of our company with an aim to create scalable, reliable and secure services that meet our customers’ needs.
Thousands of subscribers trust WGTWO to keep their data safe. Our team of experts go beyond industry standard to secure our platform.
To learn more about how we ensure the confidentiality, integrity, and availability of our platform, request to download our “Approach to Security” security whitepaper by contacting us at email@example.com.
A brief intro to how we work with security
Security Incident Response
Our threat detection program provides investigation, response, and coordination for all security incidents at Working Group Two.
Compliance grade security
We adopt security and privacy best practices and standards such as ISO 27001, SOC 2, NIST, CIS, and GDPR to ensure we implement the best practices for securing data.
We implement the highest level of encryption to protect SIM secrets, customer identifiers, and personal data at rest and in transit. This includes AES 256, TLS 1.3, and FIPS 140-2 backed by an HSM.
Complying with local regulations
Lawful Intercept, data sovereignty, and privacy regulations are implemented across our platform.
Automating the identification and prevention of common Telco security threats like Subscriber information disclosure, network information disclosure, subscriber traffic interception, fraud and subscriber denial of service.
Security that evolves
Our continuous patch management, vulnerability management, static analysis and security automation allows us to ensure all components are continuously monitored and patched.
No End of Life
With GitOps, our CI/CD process, we are able to continuously deploy and update our infrastructure and applications to mitigate outdated and vulnerable services.
A Modern approach to security
DevSecOps provides the backbone in our approach to identifying, preventing, and containing from security events and data leaks.
Leveraging security in the cloud
Operating within the cloud we are able to implement security controls within identity & access management, detention of vulnerabilities, protect our infrastructure from common network-based attacks, protect data with compliance grade encryption, and quickly and effectively investigate potential security issues and automate disaster recovery.
Identity & Access Management
We have implemented a central governance and management platform for IAM which enforce password complexity, password rotation, and multi-factor authentication.
Zero Trust Access Control
We follow the principle of least privilege to provide only the necessary access for employees, systems, and job functions within our infrastructure. This helps us deliver a defense-in-depth architecture.
We have automated the blocking features to mitigate advanced denial-of-service or authentication attacks across our network and applications via built-in application rate limiting, infrastructure load balancers, operating in multi availability zones, and horizontal auto scaling.
WGTWO ensures data integrity and unauthorized access to sensitive data through our high standard of encryption at rest and in transit. All information in transit is encrypted via TLS encryption, data at rest is encrypted with AES 256, and SIM Secrets are encrypted via FIPS 140-2 backed by a HSM.
Security our APIs and Products
WGTWOs Secure Systems Development Life Cycle (SSDLC) ensures security is incorporated into the design of our products and APIs. This includes from idea to production, we have tools and processes in place to reduce our attack surface and protect from misuse and data leakage.
We follow operator and local regulations as it relates to security and privacy. This includes being GDPR compliant.
Adopted the cloud-native security model
Ensuring security is met across the security landscape we focus on securing the cloud (co/lo), cluster, containers and code.
Defence in Depth
- Product Security
- Access Management
- Security Monitoring
- Endpoint Protection
- Incident Response
- Vulnerability Management
- Data encryption at-rest and in-transit
- DDoS protection