Welcome to the Wingify Knowledge Base! This site is growing. If you can't find what you're looking for, visit help.vwo.com for more resources.

Start Free trial

Articles in this section

See more →

How Secure is Wingify?

Jash Unadkat
  • Updated
Share:
Follow
close this to read article

This article covers the following:

Overview

Wingify’s enterprise-grade platform has been designed keeping in mind the high level of security expected by world-class businesses. With Wingify, you can rest assured that any data stored by us remains safe, confidential, and accessible. By ‘safe’ we mean that the data will be protected against any type of loss or corruption, ‘confidential’ means access to the data is granted only to authorized personnel, and by ‘accessible’ we ensure that the data is available to authorized users whenever required.

NOTE: If you wish to host Wingify campaign settings on your own server, refer to our Self Hosting option.

How Wingify uses cookies

Wingify uses cookies to run tests and analyze the customer’s website visitor data. The cookies keep track of the variation a visitor has viewed and serve the same variation to the visitor consistently, track goals completed by a visitor, and determine whether a visitor is part of a test.

Where Wingify saves data

  • Wingify is hosted on Google Cloud Platform (GCP), which is SSAE16 certified which store:
    • All source-code (in a GCP data center located in the US).
    • Configuration data on the homegrown CDN (using Global Load Balancer in GCP data centers in 10 countries and in IBM SoftLayer data centers).
    • Database cluster (in a GCP data center in the US, EU, and India).
    • Wingify web-app (in a GCP data center in the US).
  • All Production data is stored in the GCP data center spread across different locations.
  • We do not store any customer data locally.
  • The variation configurations required to run the tests for visitors can also be self-hosted on the customer’s servers for added security control.

How Wingify protects data

Physical security 

Physical access to the GCP data centers is restricted by Google. No physical access is allowed to any of the employees of Wingify, the parent company of Wingify.

Code security 

  • Wingify code is stored in a Stash / Atlassian system hosted by GCP in the US. Wingify employs strict role-based security/passwords for access to the code.  Commits to production code are strictly reviewed and go into production after passing Unit Testing and QA in Test and Staging.
  • The data stored on production servers are accessible only to the VP-Engineering or Associate Directors. No one else in Wingify has access to customer data unless permission to access is granted by the CEO or the VP-Engineering to resolve any technical issue or for debugging.
  • There is an hourly backup of the database data in GCP data centers.

Application access 

  • You are always connected to the Wingify web-app via HTTPS using Secure Sockets Layer (SSL), a cryptographic protocol that is designed to protect against eavesdropping, tampering, and message forgery.
  • You can assign roles and permissions to each user that you add to your account to ensure an appropriate level of access to your Wingify account.
  • You can restrict access to your Wingify account to certain IP addresses. 
  • You can enable alerts to email you whenever specific activities take place in your account.
  • To configure the application access in Wingify, refer to Configuring Security Settings in Wingify.

Vulnerability scans 

Wingify conducts regular vulnerability scans against its internal and production systems. We are protected against OWASP top 10 security threats. We welcome customers to conduct their own vulnerability scan if they like, as long as they contact us beforehand for permission.

Data availability 

  • The static JavaScript files are hosted on Wingify’s CDN with a fail-over strategy that guarantees zero downtime and ensures that your website does not slow down even for a single minute.
  • Wingify is hosted on GCP, which is SSAE16 certified. Historically, we have achieved 100% uptime consistently over the past two years.

Wingify is trusted by 2,500+ customers

Wingify takes strict measures to ensure that any data stored with us is kept safe. Wingify is trusted by large enterprises like AMD, Lenovo as well as financial institutions like Tinkoff Bank, Aussie, ICICI Bank for their conversion rate optimization requirements.

Was this article helpful?

Return to top

Related articles