Yes. NOOA is backed up daily. In the event of data loss, a previous backup can be restored.
NOOA backups are taken daily and they’re stored in Google Cloud –servers. This allows for the data to be automatically mirrored across storage devices in multiple locations inside the cloud for added security.
Will the user input data be purged after they are completed with the challenge? If not, what’s the length of time before the user data expires?
No, they will remain in the MySQL database. This kind of behavioral user information will become quite valuable for the organization as data on their competence for strategy execution. This information will also help organizations when designing further transformations.
Yes. All data can be cleared if necessary, but it is not recommended (see the previous answer for more details).
No. SOC1/SOC2 audits are for service organizations, which manage a company’s financial data. No financial data will be on the NOOA platform.
In addition, currently NOOA does not allow for custom files or documents to be added to a challenge.
Will TripleWin Oy be marketing, anonymizing , de-identifying, or data masking any of the data in NOOA?
NOOA is a cloud based software currently hosted on Google Cloud –servers and as such, the DR-plan by Google is applicable.
NOOA is located in Google Cloud –servers and the security documentation provided by Google is applicable:
Google Cloud has a Service Level Agreement of 99.95% and to minimize service interruption due to hardware failures, natural disasters or other incidents, Google has built a highly redundant infrastructure of data centers.
Google’s computing platform assumes ongoing hardware failure, and it uses robust software failover to withstand disruption. All Google systems are inherently redundant by design, and each subsystem is not dependent on any particular physical or logical server for ongoing operation. Data is replicated multiple times across Google’s clustered active servers so that, in the case of a machine failure, data will still be accessible through another system. They also replicate data to secondary data centers to ensure protection from data center failures.