Making sure our technology and information management processes are secure is one of our top priorities. If you are to learn and act faster through your people's feedback, we know they must feel safe and trust us with their stories. It’s our determined differentiation.
So, at Pax Republic we're seriously committed to our customers' data privacy and information security. We are bound by the following commitments:
- Comprehensive Data Governance Policy
- Established Cyber Security Framework
- Invitations are only issued to addresses uploaded to Platos by a Forum Host working under the instruction of a Pax Republic customer, and invited participants must demonstrate that they are in control of that email account to register
- Two-factor-authorisation is used by Pax Republic Administrators and is available to all general users. We recommend it is used by all Customers
- User Permissions control which forums and which functions within a forum a user can access.
- In-built security mechanisms to help prevent spoofing, hi-jacking and SQL injection attacks
- DDoS protection, firewall and IP restriction are managed by the Cloudflare service
- Microsoft Azure IP restriction policies are applied when requested by a single-tenant customer
- Data in transit is also secured with 256-bit SSL encryption.
- Pax Republic's Chief Information Security Officer service is provided by security consultants Fortian Pty Ltd
- We use secure application development processes and our applications are security tested throughout development
- Penetration testing is undertaken annually or at the time of a major application upgrade by an external security consultancy.
- We work in compliance with:
- Australian Privacy Principles (APP)
- General Data Protection Regulation (GDPR.
- Maintaining Anonymity - Anonymous participants are provided with a different identification number in each conversation to make it more difficult to follow an anonymous individuals comments across a forum. Anonymous participants can also choose to have our "Chatterbot" rewrite their comments to remove many signs of their authorship as an additional anonymity protection.