Can anyone helping me to answer these questions?
- Are there IT contingency process or IT disaster recovery plan to ensure availability of system integration between customer (developer using free API) and Twitter for customer support service?
- Are there proper protection controls/methods for sensitive data stored such as encryption utilizing AES with key length 256?
- Does Twitter has Data Protection Policy and proper data/information classification, handling, retention and disposal process? Including awareness training for staff?
- Does Twitter use remote access to data stored at TWITTER 's environments? Using VPN with 2FA ?
- Is there proper process of authentication, authorization (user and privileged accounts),account management (user and privileged accounts including new, review, delete) for TWITTER system?
- Do your organization have properly control to manage Cryptographic Keys as their life cycle? Have encryption keys been properly maintained and stored at secure environments?
- Does your organization have significant incidents (i.e. data leak, system availability) or audit finding or non-compliance issues of cross-border/ overseas laws and regulations related services provided to SCB?
Thanks
Keng
Hi @KengKrissada.
Are you using the enterprise Twitter APIs, or the free public Twitter APIs?
Most of these questions are not within the scope of the Twitter Developer Policy and Agreement for API access. You are also welcome to refer to our GDPR hub which provides other contact information.
You’re free to ask for more information via Platform - if you have an enterprise API contract you should connect with your account manager. We will not be able to answer your questions on these forums. Thanks again for asking.
