MOBILE SOLUTIONS

Security Privacy Policy

Security at Mobile Solutions

As a service company, we understand the importance of complying with globally accepted security and
privacy practices. Our goal is to provide a secure environment, while also keeping the quality and
performance at a level of a first-in-class service-provider.

Mobile Solutions uses a multi-layered approach to protect customer information. We constantly monitor
our environments and identify and implement improvements to our services, systems, and processes to
meet the growing demands and challenges of security.

Secure Data Centers

We utilize secure data centers in a variety of locations around the world, including major cloud provider
networks. Mobile Solutions Services uses many integrated monitoring tools across the breadth of
networks and co-located infrastructures. Our backup and recovery policies are tested multiple times each
month. We do not store customer data outside of our controlled and monitored networks.

Network Security & Data Encryption

We run weekly audits for Common Vulnerability Exposures and resolve any threats that are ranked
“high”, immediately. We also maintain WAF (web application firewall) and automatically block any
threatening IPs; in conjunction with an architecture built on availability group permissions and roles,
which makes the ability to detect threats very straightforward.

We follow best practices to protect the network perimeter, including a denial-of-service (DoS & DDoS)
prevention and mitigation system. Perimeter firewalls and edge routers block unused protocols within our
environments. Internal firewalls segregate traffic between the application and database tiers. Application
data is isolated to a separate network subnet and databases are encrypted at rest.

Access to servers is restricted by IP Address, secure VPN and security credentials. Access is granted on a
limited basis using the rule of least privilege.

Our development practices follow industry standards including separation of production and
development environments, secure coding and security acceptance testing where necessary.

Internal Security & Protocols

Mobile Solutions takes preventive measures to ensure that its systems are only accessed by employees on
an as-needed basis, requiring a unique user ID, strong password and multi-factor authentication.
If you have more in-depth questions about our security program, email us at
secureme@mobilesolutions.net