IT Setup Guide

Everything your IT team needs to approve and deploy MapVS across your organisation.

Security Questionnaire Contact Support

Overview

MapVS (ValueStream) is a SaaS platform for planning, recording, tracking, and analysing value stream maps. It handles process data including step names, durations, resources, and optional screenshots. No on-premise installation is required.

The platform is hosted at mapvs.com and accessible via any modern web browser.

SOC 2 Type II (planned) ISO 27001 (planned) GDPR Aware TLS 1.2+ Enforced

Domain Whitelisting

All traffic is outbound HTTPS only (port 443). No inbound ports or VPN tunnels are required.

Service Domain Port Purpose
Web App + API mapvs.com 443 Main application, API, file uploads
Tailwind CSS cdn.tailwindcss.com 443 CSS framework
Google Fonts fonts.googleapis.com 443 Font stylesheets
Google Fonts (static) fonts.gstatic.com 443 Font files (WOFF2)
HTMX unpkg.com 443 HTMX library
jsDelivr CDN cdn.jsdelivr.net 443 Alpine.js, Chart.js, Swagger UI
Stripe js.stripe.com 443 Payment processing (optional, billing pages only)

File Upload Proxy Configuration

MapVS accepts CSV and Excel file uploads via HTTPS POST to mapvs.com/import/upload. Some corporate proxies block multipart file uploads by default. Below are configuration instructions for common proxy vendors.

Zscaler Internet Access (ZIA)

  1. Navigate to Administration > Web Policy > URL & Cloud App Control
  2. Add a custom URL category for mapvs.com
  3. In File Type Control, create an exception rule:
    • Action: Allow
    • File types: CSV, TSV, TXT, XLSX
    • URL category: your MapVS category
    • Direction: Upload
  4. Under SSL Inspection, ensure mapvs.com is not being inspected, or add it to the SSL bypass list if the upload still fails
  5. Save and activate the policy

Netskope

  1. Navigate to Policies > Real-time Protection
  2. Create a new policy:
    • Destination: custom URL list containing mapvs.com
    • Activity: Upload
    • File type: CSV, TSV, TXT, XLSX
    • Action: Allow
  3. If DLP scanning is enabled, add an exception for the MapVS URL list or configure a DLP profile that allows process data files
  4. Apply and save

Palo Alto Networks (Prisma Access / GlobalProtect)

  1. In Objects > Custom URL Category, create a category containing mapvs.com
  2. In Policies > Security, add or modify a rule:
    • Source: your user zone/group
    • Destination: the MapVS URL category
    • Application: web-browsing, ssl
    • File Blocking Profile: create a profile that allows CSV/TXT/XLSX upload to mapvs.com
    • Action: Allow
  3. If SSL Decryption is in use, consider adding mapvs.com to the decryption exclusion list
  4. Commit the configuration

Generic Proxy / Firewall

  1. Allow HTTPS (port 443) to mapvs.com
  2. Allow Content-Type: multipart/form-data for POST requests to mapvs.com/import/* and mapvs.com/data/*/import
  3. If file type filtering is active, allow: .csv, .tsv, .txt, .xlsx
  4. Maximum upload size: 50 MB
  5. If SSL inspection is in use and causes certificate errors, add mapvs.com to the bypass list

Workaround: Paste-based import

If file uploads remain blocked after proxy configuration, users can paste CSV data, JSON data, or use a Google Sheets link directly on the import page. These methods do not require multipart file upload and work through any proxy.

Security & Compliance

Encryption in Transit

TLS 1.2+ enforced (TLS 1.3 preferred)

Encryption at Rest

AES-256 encrypted database and file storage

HSTS

Strict-Transport-Security header enforced

CSRF Protection

Token-based CSRF on all state-changing requests

Rate Limiting

Per-IP and per-user rate limits on all endpoints

Password Hashing

bcrypt with per-user salt

XSS Prevention

Jinja2 auto-escaping, Content Security Policy headers

SQL Injection Prevention

SQLAlchemy ORM with parameterised queries

For a comprehensive security review, see our Security Questionnaire with 50+ pre-answered questions for your InfoSec team.

API Access

Base URL

https://mapvs.com/api/v1

Authentication

API key via Authorization: Bearer <key>

Rate Limits

100 requests/minute (Starter), 500/min (Pro), 2000/min (Team)

Documentation

OpenAPI 3.0 / Swagger UI

Data Residency

Current Region

Sydney, Australia (DigitalOcean SGP1/SYD1)

Planned Regions

US East, EU (Frankfurt) — on roadmap

Backups

Daily automated backups, 30-day retention

Data Deletion

Users can export and permanently delete all data from Account Settings

Browser Requirements

Chrome

90+

Firefox

88+

Safari

14+

Edge

90+

  • JavaScript must be enabled
  • Cookies must be enabled (session authentication)
  • For Web Recorder: Screen Capture API support (Chrome or Edge recommended)
  • Internet Explorer is not supported

Desktop App (Electron)

Download Size

~150 MB

Outbound Network

HTTPS to mapvs.com:443

Inbound Ports

None required

Platform Requirements

macOS

macOS 11 (Big Sur) or later

Permission required: System Preferences > Privacy & Security > Screen Recording

Windows

Windows 10 or later

No special permissions. Admin rights may be required for installation depending on group policy.

Linux

Ubuntu 20.04+ or equivalent

No special permissions required.

Data is stored locally in the user profile directory and synced to MapVS on demand. No always-on connection is needed.

Mobile App

iOS

iOS 15+ · Available via TestFlight

Android

Android 11+ · Available via Play Store

  • Camera permission required (for step photos)
  • Network: HTTPS to mapvs.com:443
  • Offline capable — syncs when connected

Single Sign-On (Enterprise)

  • SSO available on the Enterprise plan
  • SAML 2.0 support (planned)

Contact enterprise@mapvs.com for SSO setup and enterprise onboarding.

Contact

For IT onboarding assistance, security questionnaires, or enterprise deployment planning:

General Support

support@mapvs.com

Enterprise / Security

enterprise@mapvs.com