Fotoware is committed to performing regular security reviews of our software. Additionally, independent penetration tests are regularly executed by third-party companies on behalf of customers in their own environment. Although we can never guarantee that our software is free of vulnerabilities, any vulnerabilities found are immediately addressed and fixed with the highest priority. Unauthorized access, data inconsistency, and privacy violations are all considered security vulnerabilities and will be addressed.
Fotoware provides general guidelines on securing and protecting our software's installation through our documentation. However, we cannot guarantee the security of the surrounding infrastructure managed by the customer, including networks, operating systems, and web server configurations. We, therefore, recommend that our customers who run on-premises installations of Fotoware software perform internal security reviews of their installations. Although we always do our best to ensure our software protects the customer, their users, and their data, the customer must be aware that exposing any data on the internet always has a risk. Security should always be considered with a holistic approach.
For guidelines on securing on-premises Fotoware installations, see Securing the Fotoware installation.