Certifications

  • NowForce is ISO 9001 certified
  • NowForce is ISO27001 and ISO 27799 certified

Policy & Training

  • Developers are trained in Secure Web Development methodologies
  • Development follows OWASP best practices for mobile and web development
  • Annual Privacy training
  • Security and Privacy policies are in place

Background Checks

  • ​NowForce personnel passed criminal background checks (relevant employees)

HTTPS
NowForce system uses SSL/TLS encryption 1.2 for all communications

Access Control

  • Access to Dispatcher user interface can be limited to specific IP ranges per organization - optional configuration
  • Single device login (preventing multiple logins from the same account) - optional configuration
  • Unique IDs are assigned to each mobile device allowing the blocking/disabling of unauthorized users even if the application is already installed on their device
  • Access to cloud infrastructure uses 2-factor authentication
  • Access to NowForce API using OAuth2

Passwords

  • Passwords stored in the database are hashed
  • CJIS compliance elements:
  • Password renewal policy
  • Strong Passwords enforcement
  • Password expires after X days
  • Force user to change password on first entry
  • Prevent reuse of last X passwords
  • Automatic lock of user after X failed attempts

Information Control

  • Passive / Active users – ability to control which type of users are sending location information at any given time
  • Auto delete – ability to define amount of time that the system will store information such as location and incident related details with option to export the data to local protected files

Additional Options

  • Customer can connect to cloud using VPN
  • Deployment over dedicated instance
  • On site installation using customer’s security controls


Did this answer your question?