How safe is your data?


We ensure utmost security for your data

We take utmost care to ensure that our customer's data is protected from loss and unintended viewing.

  1. Firewalls - We have strong firewalls and fully patched servers that are monitored 24/7 to help prevent hackers from gaining access to your data.
  2. Encryption - We use SSL encryption (128 bit) for data transfer.
  3. Backups - We use redundant storage system to protect our customer's data from software or hardware failure. We follow data backup procedures that create multiple backup copies of customer's data in near real time at the disk level and also off-site backups on regular basis.
  4. High Availability - We utilize highly reliable and redundant server architecture so you'll never have to worry about data loss.
  5. The following points have been carefully considered to ensure utmost security has been provided to your data – Physical Security, Network Security, Application Security, Data Level Security, Internal Systems Security, Operating Systems Security and Third Party Certification.

Access to customer data in the database is managed using Role Based Access Controls (RBAC) model. The access to the data is granted based on the customer role and job duties thus limiting access to only required pages and elements.

The database server is behind a firewall that can only allow traffic to and from a specific application server thus, significantly reducing threats from external hackers and intruders. The 3 tier product architecture by Ntranga provides flexibility to control data access and necessary application scalability.


Security


Network Security

  1. Data center is equipped with multiple Cisco Firewalls .
  2. Site is secured with Symantec Security Certificate.
  3. Application can only be accessed through Https protocol.

Physical Security

Data center has 5 levels of security:

  1. DLF physical security with metal detectors.
  2. Ntranga Physical Security.
  3. Main entrance Access Control device.
  4. IT Operation Wing Access Control device.
  5. Data Center Access Control device.

Backup of data and applications

Off-site and on-site storage of media

Secured storage of off-site backup media

Various types of backup (full, incremental, differential)


Access Security

SSL (HTTPS)

Credential entry

UID/PWD/CIN for trusted IP

Additional user specific questionnaire for non-trusted IP

Application Security

Access to customer specific database based on CIN provided after credential verification

Application access based on roles

Data Security

Each user will have data level security at company/department level

Automation

Employee & Manager user creation will happen automatically and roles will be assigned

Admin user role will be created manually