Security

Your Data Is Safe With Us

At Synergita, we take the security of your data very seriously. We understand the importance and sensitivity of your employee data and are committed to ensuring that privacy is maintained at all times. Synergita's security measures are outlined below.

Multi-Tenant Data Security

Architecture for Multitenancy - Synergita's architecture ensures tenant data isolation in all the layers (view, services, and data). Additional measures are implemented so that the data layer can query only the data in the database that belongs to the logged-in user. This architecture and our development practices automatically ensure that one tenant's data does not get mixed up with the other tenant hierarchies.

Tenant Identification - A new subdomain is created for each customer. This makes tenant identification robust and enables the architecture to isolate each tenant's data completely.

Multitenancy Testing - The product goes through rigorous testing as per OWASP standards for multi-tenancy. This ensures logical segregation so that one tenant cannot, deliberately or inadvertently, interfere with the security (confidentiality, integrity, and availability) of the other tenants.

Data Encryption
  • Data-in-transit is protected by the implementation of TLS protocol to encrypt and transfer data between the server and browser. Synergita uses GlobalSign TLS
  • All sensitive data is encrypted using Triple DES, the common name for the Triple Data Encryption Algorithm (TDEA) block cipher, and stored in the database
  • Login credentials are encrypted and stored in the database. Tenants can use LDAP-based authentication and not store credentials in the cloud
  • As additional protection, compensation data is stored in a separate database and this entire database is encrypted
  • A separate encryption key is created for every tenant for added security

Application Security

Role Based Access

Access control lists (ACLs) determine who can access data in the application and what they can do with it. (For example, employee salary information will be visible only to a few people in the organization: the employee, his/her manager, the HR manager and whoever is given access to view this information, e.g. the CEO.)

All the features are controlled by role-based privileges, and for each privilege the scope of data under consideration can also be configured. (For example, a department head can view the salary details of employees in his/her department only.)

Data Center And Environmental Security

Synergita is hosted in the Amazon cloud environment. The infrastructure is secured by the following means:

  • ISO 27001 certification for security
  • Level 1 PCI compliance
  • Successfully validated as a Level 1 service provider under the Payment Card Industry (PCI) Data Security Standard (DSS)
  • SOC1 & SOC2 Type 2 audit reports are published by Amazon Web Services

AWS assures 99.999% availability for our hosting infrastructure. In the event of any network/hardware failure, we can easily set up the application in a different region and restore the services quickly.

All our services are continuously monitored by Site 24x7 (https://www.site24x7.com/). In case of any interruption in the services, our production support team is alerted and the problem is attended to immediately, thereby ensuring the best possible availability.

Network Security

Security within our cloud server is provided on multiple levels: the operating system (OS) of the host platform, a firewall, and signed security HTTPS request calls. Each of these items builds on the capabilities of the others. The goal is to prevent the data contained within the server from being intercepted by unauthorized systems or users and to make the Amazon EC2 instances themselves as secure as possible.

Development Process

Our development and QA teams are trained regularly on web application security threats and the ways to avoid them in software. Application and network level security measures are put in place to protect the software against the top security issues. Some of them are given below:

  • Distributed Denial of Service (DDoS) Attacks
  • Man in the Middle (MITM) Attacks
  • IP Spoofing
  • Port Scanning
  • Packet sniffing by other tenants

Security Testing

IndusFace (https://www.indusface.com) is an award-winning security platform and has appeared in the Gartner Magic Quadrants for Application Security Testing. Synergita uses the IndusFace platform for security testing of our product. Every major release is security tested and all the issues are fixed.

Disaster recovery is all about being prepared to manage unforeseen circumstances. We have put in place all the standard processes and procedures to provide the best possible availability of all our services and to manage unexpected situations.