Skip to content
Security 
Policy

Tailored Technology, Transforming Vision into Productivity.

Effective Date: 13th June 2022

At iWorks, we take the security of our systems, data, and services seriously. This Security Policy outlines the measures we implement to safeguard the integrity, confidentiality, and availability of our infrastructure and client data.


 

1. Company Information

  • Business Name: iWorks

  • Address: 98 Nutgrove Avenue, Rathfarnham, Dublin 14, Ireland

  • Telephone: +353 1 8107777

  • Email: sales@iworks.ie

iWorks is a web development company specializing in bespoke internet software development and WordPress website creation.


 

2. Hosting Infrastructure

We use Amazon Web Services (AWS) to host websites and software projects. AWS provides industry-leading security and reliability, and we leverage the following AWS services:

  • S3 Storage: For secure and scalable file storage

  • EC2 Linux Servers: For hosting web applications with secure access controls

  • RDS MySQL Database Servers: For database management with built-in redundancy and encryption

  • Route 53: For DNS management, ensuring reliable domain routing

AWS maintains compliance with international security standards, including ISO 27001, SOC 1/2/3, and GDPR.


 

3. Email Security

We use Google Workspace to manage company emails. Google Workspace provides:

  • Encrypted email transmission via TLS

  • Advanced spam filtering and malware protection

  • Multi-factor authentication (MFA) to protect access to email accounts

Client communications and data transmitted via email are kept secure using industry-standard encryption protocols.


 

4. Data Encryption

We ensure data security through encryption measures:

  • In Transit: All data transmitted between servers, websites, and clients is encrypted using SSL/TLS protocols.

  • At Rest: Data stored on AWS services, including S3 and RDS MySQL databases, is encrypted to prevent unauthorized access.


 

5. Access Controls

Access to our systems and client data is restricted to authorized personnel only. Security measures include:

  • Role-Based Access Control (RBAC): Staff are granted the minimum level of access required to perform their roles.

  • Multi-Factor Authentication (MFA): Enforced across all administrative and sensitive systems.

  • Audit Logging: Logs are maintained to monitor and review access to sensitive systems.



6. System Monitoring and Updates

To ensure system security, we employ:

  • Continuous Monitoring: Regular monitoring of servers, network activity, and performance.

  • Patch Management: Updates to software, operating systems, and security patches are applied regularly to address vulnerabilities.

  • Backup Systems: Regular, automated backups of client websites and databases to ensure data recovery in case of unexpected events.


 

7. Incident Response

In the event of a security incident, iWorks follows a structured Incident Response Plan:

  1. Identification: Detect and assess the severity of the incident.

  2. Containment: Isolate affected systems to prevent further impact.

  3. Investigation: Analyze the cause and scope of the incident.

  4. Resolution: Mitigate the issue and restore affected systems.

  5. Review: Conduct a post-incident review to improve security measures and processes.

Clients will be notified promptly if a data breach or security issue affects their data.


 

8. Client Responsibilities

Clients are encouraged to follow best security practices when working with iWorks systems or services:

  • Use strong, unique passwords for website logins and administrative accounts.

  • Enable Multi-Factor Authentication (MFA) wherever possible.

  • Avoid sharing credentials or sensitive data via unsecured communication channels.


 

9. Third-Party Services

We may integrate third-party services, such as payment processors or analytics providers, into our websites. All third-party services are reviewed to ensure they meet security and compliance requirements.


 

10. Compliance and Standards

iWorks adheres to applicable data protection regulations, including GDPR (General Data Protection Regulation), and follows industry best practices for data security. Our hosting provider, AWS, complies with international security standards and certifications.


 

11. Contact Us

If you have any questions or concerns regarding this Security Policy or require more information about our security measures, please contact us:

  • iWorks
    98 Nutgrove Avenue,
    Rathfarnham, Dublin 14, Ireland
    Phone: +353 1 8107777
    Email: sales@iworks.ie