Built-in security and reliability
Security is embedded into every layer of Navigator through a security-by-design and defence-in-depth approach, ensuring no single point of failure can compromise customer data. Our security program is designed in alignment with the International Organization for Standardization (ISO) / International Electrotechnical Commission (IEC) 27001 as well as the NIST Framework to implement our policies, procedures, and controls.
Penetration Testing
WorldReplica engages third-party experts to perform periodic penetration tests against Navigator’s production environment. The assessment covers, among others, the OWASP Top 10, OWASP API Top 10, OWASP LLM Top 10, CWE/SANS Top 25, and PCI DSS 4.0.1.
Encryption
All data in transit is encrypted using TLS 1.2 or higher. Data at rest is protected with AES-256 encryption through Azure Storage Service Encryption. Cryptographic keys are managed in Azure Key Vault, with access restricted via private endpoints and VPN-only network policies to ensure strict network isolation and controlled key access.
Intrusion Detection and Prevention
Inbound traffic is inspected by Azure Application Gateway WAF using the OWASP Core Rule Set to detect and block common web application attacks before they reach backend services.
All Company-managed devices are protected by centrally managed antivirus and Endpoint Detection & Response (EDR), which provides continuous endpoint monitoring and malware and ransomware detection, and supports rapid containment as part of the Company’s broader monitoring and logging framework.
Secure Software Development Lifecycle
Security requirements and architecture reviews are performed at design time, secure coding standards and peer reviews are enforced during implementation, and automated security testing (SAST, SCA, secrets scanning, and IaC scanning) is integrated into the CI/CD pipeline.
Before release, applications must pass defined security gates, with ongoing monitoring and patch management during maintenance to ensure continuous risk reduction.
Data Residency
All customer data is stored and processed exclusively within Switzerland. Backups are geo-redundant but remain within Swiss borders, supporting compliance with the Swiss FADP and EU GDPR.
Authentication & Session Management
User authentication is implemented using the OAuth 2.0 Authorization Code flow with Microsoft Entra ID, supporting Single Sign-On (SSO) via OpenID Connect. Sessions are maintained through HTTP-only, Secure cookies with SameSite enforcement. Access tokens follow Entra ID policies, with a default lifetime of 1 hour.
Internal service-to-service communication relies on short-lived tokens signed with RSA-SHA256. Each token cryptographically binds the request to a specific tenant, with strict expiration checks and bounded clock-skew tolerance applied at validation to prevent replay and timing-based attacks.
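The validation rules described above for internal tokens, as an added example that is not WorldReplica's code. It assumes a JWT-style token whose RSA-SHA256 signature has already been verified by a vetted library; the claim name `tenant_id`, the 30-second skew bound and the 300-second lifetime ceiling are illustrative assumptions.

```python
"""Claim checks for a short-lived, tenant-bound service token (illustrative)."""

MAX_SKEW_S = 30       # assumed bound on tolerated clock skew
MAX_LIFETIME_S = 300  # assumed ceiling for a "short-lived" token


class TokenRejected(Exception):
    """Raised with the reason a token failed validation."""


def validate_claims(header, claims, request_tenant, now):
    """Run after signature verification; returns claims or raises TokenRejected."""
    # Pin the algorithm so a token cannot select a weaker one.
    if header.get("alg") != "RS256":
        raise TokenRejected("unexpected alg")
    iat, exp = claims.get("iat"), claims.get("exp")
    if type(iat) is not int or type(exp) is not int:
        raise TokenRejected("missing or non-integer iat/exp")
    # Bound the lifetime the issuer is allowed to grant.
    if exp <= iat or exp - iat > MAX_LIFETIME_S:
        raise TokenRejected("lifetime exceeds bound")
    # Skew is a fixed verifier-side allowance; the token cannot widen it.
    if now >= exp + MAX_SKEW_S:
        raise TokenRejected("expired")
    if iat > now + MAX_SKEW_S:
        raise TokenRejected("issued in the future")
    # Tenant binding: the signed claim must match the tenant of this request
    # (hypothetical claim name "tenant_id").
    if not request_tenant or claims.get("tenant_id") != request_tenant:
        raise TokenRejected("tenant mismatch")
    return claims


def verdict(header, claims, request_tenant, now):
    """Return "ok" or the rejection reason, for logging and tests."""
    try:
        validate_claims(header, claims, request_tenant, now)
        return "ok"
    except TokenRejected as err:
        return str(err)


# Constructed sample values, not taken from any real system.
NOW = 1_700_000_000
HEADER = {"alg": "RS256"}
CLAIMS = {"iat": NOW - 60, "exp": NOW + 240, "tenant_id": "tenant-a"}

if __name__ == "__main__":
    for tenant, at in (("tenant-a", NOW), ("tenant-b", NOW), ("tenant-a", NOW + 270)):
        print(tenant, at - NOW, verdict(HEADER, CLAIMS, tenant, at))
```

A captured token replayed against another tenant's request fails the last check even while its signature and expiry are still valid.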
Auditing and Logging
Access events, configuration changes, and security-relevant actions are logged and reviewed as part of our security and access control mechanisms.
Zero Trust
WorldReplica requires that all administrators access production systems through the Company VPN and authenticate via Entra ID with Multi-Factor Authentication (MFA). Administrative access is expected to originate from Switzerland, and geo-location–based Conditional Access policies detect and control authentication attempts from outside Switzerland. Administrative access is subject to logging and monitoring, and changes affecting production systems follow the formal Change Management Process.
Disaster Recovery and Business Continuity
WorldReplica has established processes to handle disaster and business continuity scenarios. Navigator maintains geo-redundant backups within Switzerland, continuous database replication with point-in-time recovery, and defined recovery time and recovery point objectives.