WherWe Data Security

At WherWe, we understand the importance of securing mission-critical data. Trusted by major corporations in South Africa, we employ a multi-layered approach to data security for optimal protection throughout the data lifecycle: from collection and storage to delivery. Our partnerships with leading software service companies ensure the highest level of security at every stage.

Below is an overview of our typical data security framework:

First Layer: User Authentication & Data Collection

We often utilize Caspio, Inc for essential functions like user authentication and data collection. As a Microsoft Gold Partner and a leading low-code platform provider, Caspio runs on AWS servers and adheres to strict security, privacy, and regulatory standards, including:

  • TLS encryption for data in transit and full disk encryption for data at rest
  • Compliance with GDPR, HIPAA, FERPA, and GovCloud (FIPS 140-2)
  • PCI DSS Level 1 certification
  • SOC 2 and ISO 27001/27017/27018 certifications

Second Layer: Data Processing on Microsoft Azure Cloud Platform

Data processing typically occurs within the Microsoft Azure Platform, using applications like Azure Data Factory and Microsoft SQL Server. With an annual investment of over $1 billion in cybersecurity, Microsoft Azure is a trusted provider for businesses prioritizing security and compliance.

Third Layer: On-site Data Processing & Security

For certain projects, we process data on our secure servers located in our Johannesburg offices. We do not outsource client work, and our employees sign strict confidentiality agreements. Only designated analysts have access to project data, ensuring limited exposure. We conduct annual user access reviews and require two-factor authentication for all key services.

Fourth Layer: Secondary Authentication & Dashboarding

Cleaned data and interactive dashboards are delivered to clients using embedded dashboards from providers like Microsoft Power BI, QlikView, or Tableau. Microsoft Power BI, our recommended choice, employs Azure Active Directory for user authentication. For detailed information, please refer to the Power BI Security Whitepaper.

Power BI adds two additional authentication layers for accessing data and dashboards. Users must authenticate through both their organization's Microsoft Azure tenant and WherWe's tenant. Access can be revoked by the client or WherWe, adding an extra layer of security on top of Caspio, Inc.'s basic authentication service.

With over a decade of experience providing data services to South Africa's largest corporations, our flawless on-site security record speaks for itself. Trust WherWe to safeguard your most valuable data.