Skip to main content

Security

Shared Responsibility

At viggotech, we build our software platforms with security, resilience, and reliability at their core. While we maintain the infrastructure behind the scenes, you play a vital role in configuring and securing your data and settings within our Software-as-a-Service (SaaS) environment.

This shared responsibility model helps clarify which aspects of security and data protection fall under our control and which are yours. Together, we create a secure and compliant digital ecosystem.

Customer's Responsibility

You are responsible for safeguarding your own environment when using viggotech platforms:

Data Accountability

  • Decide how data is shared, with whom, and for how long.
  • Ensure the accuracy and lawful processing of your data.
  • Avoid illegal or abusive use of our services.

Password Security

  • Use strong, unique passwords.
  • Manage and protect login credentials.

Endpoint Security

  • Keep devices, browsers, and apps updated and patched.
  • Protect devices from malware and unauthorized access.

Shared Responsibility

Some areas require both viggotech and you to act.

Identity and Access Management

We provide:

  • Multi-Factor Authentication (MFA)
  • Role-based access controls
  • IP-based restrictions and session management

You are responsible for:

  • Enforcing strong password policies and MFA
  • Reviewing user roles and permissions
  • Monitoring account activity and connected devices

Data Management

We provide:

  • Access control and permission configurations
  • Audit logs and backup/export tools
  • Data retention and deletion mechanisms

You are responsible for:

  • Setting appropriate data permissions
  • Reviewing audit trails for anomalies
  • Retrieving and storing your backups securely

Third-Party Integrations

We:

  • Vet apps listed in our ecosystem
  • Execute Data Processing Agreements (DPAs) with subprocessors

You:

  • Review third-party policies before integration
  • Approve or reject sharing of personal data with vendors

Encryption

We:

  • Encrypt data in transit with TLS 1.2/1.3
  • Encrypt sensitive data at rest with AES-256

You:

  • Apply appropriate controls on downloaded or exported data
  • Use encrypted storage where applicable

Backups

We:

  • Maintain encrypted backups with integrity checks

You:

  • Regularly export your data and store it safely

Incident Management

We:

  • Investigate and report breaches promptly
  • Apply corrective measures and share findings

You:

Training and Awareness

We:

  • Train staff on secure development and handling of customer data

You:

  • Train users on best practices and compliance requirements

Policy & Compliance

We:

  • Maintain certifications and regulatory compliance
  • Support your DPIA assessments where applicable

You:

  • Review viggotech's documentation to ensure compliance for your use case
  • Conduct internal compliance reviews

Viggotech's Responsibility

We secure and maintain all backend infrastructure, including hosting, uptime, and physical security.

Data Security

  • Logical data segregation between tenants
  • Confidentiality, integrity, and traceability of stored data

Availability

  • Uptime SLA of 99.9%

Business Continuity

  • Real-time data replication between data centers
  • Disaster recovery plans for key services

Network Controls

  • Firewalls, intrusion prevention, and secure production networks

Host Infrastructure

  • Hardened servers, patch management, and intrusion detection

Physical Security

  • Access-controlled, monitored facilities with environmental safeguards

Conclusion

Cloud security is a collaborative effort. We build secure tools, but you must configure and use them securely. The shared responsibility model makes roles clear—and acting on those roles is essential.

For questions or assistance on securing your instance, reach out to: support@viggotech.io