Security

2x Performance, 10x Security

At Synergita, we prioritize the security and confidentiality of your employee data. Our enterprise-grade safeguards ensure compliance with global standards, robust encryption, and continuous protection against threats. Below are the key measures we implement to secure your data.

ISO 27001 Compliance

Synergita is ISO 27001 certified, adhering to international best practices for information security management. The following processes are covered under ISO 27001:

  • Product management
  • Design
  • Development
  • Testing
  • Implementation
  • Cloud Management
  • Associated Support Processes

Business Continuity & Disaster Recovery

We ensure uninterrupted service with:

  • Recovery Time Objective (RTO): 8 hours for all our customers.
  • 24/7 Monitoring: Real-time alerts via Site24x7 for immediate incident response.
  • Disaster Recovery Protocols: Rapid deployment in alternate AWS regions if needed.
  • Regular Backups: Securely stored and tested for quick restoration.

Data Backup, Retention, and Disposal

  • Delta (Incremental) Backup: We back up only the changes (delta) every 4 hours.
  • Full Backup: We take a full backup (the entire database) twice a week, on Sunday and Wednesday.
  • If you fail to make the payment within 15 days of the date of receipt of the invoice, you are charged interest of 12% per annum.
  • In case of continuous delay, we reserve the right to block your system access.

Encryption

  • All data is protected with multiple encryption layers.
  • In Transit: TLS 1.2+ (via GlobalSign) secures browser-server communications.
  • At Rest:
    • Triple DES (TDEA) for sensitive database fields.
    • Separate encrypted databases for compensation data.
    • Unique per-tenant encryption keys for added security.
  • Authentication: Optional LDAP integration avoids credential storage in the cloud.

Additional Safeguards

  • Multi-Tenant Security:
    • Strict Data Isolation: Segregated at view, service, and database layers.
    • OWASP-Compliant Testing: Ensures logical separation to prevent cross-tenant breaches.
    • Dedicated Subdomains: Each customer gets a unique URL to enforce tenant boundaries.
  • Access & Network Security:
    • Role-Based Access Control (RBAC): Limit data visibility (e.g., salaries only accessible to authorized roles).
    • Firewalls & HTTPS: AWS EC2 instances use OS-level security + encrypted requests.
    • Attack Prevention: Shields against DDoS, MITM, IP spoofing, and port scanning.
  • Secure Development:
    • Regular Security Training: Developers follow OWASP guidelines to mitigate vulnerabilities.
    • We have a security partnership with Indusface, which offers you the following benefits:
      • Security testing of the product and issuance of the safe-to-host certificate for the product.
      • Continuous application to detect vulnerabilities.

Synergita employs rigorous internal and third-party security testing (including Indusface) to identify and remediate vulnerabilities. While we do not currently operate a public bug bounty program, we encourage responsible disclosure via our security contact page.

Commitment to Transparency

We continuously evolve our security practices to combat emerging threats. You can review the security posture of our product through a comprehensive security assessment. For compliance reports or detailed policies, contact our team.