At Synergita, we take security of your data very seriously. We understand the importance and sensitivity of your employee data and are committed to ensuring that privacy is maintained at all times. Take a glimpse of Synergita's security measures mentioned below.
Architecture for Multitenancy - Synergita's architecture ensures tenant data isolation in all the layers (view, services, and data). Additional measures are implemented so that the data layer can only query data from the database, which belongs to the logged-in user alone. This architecture and our development practices automatically ensure that the tenant data does not mix-up with the other tenant hierarchies.
Tenant Identification-A new sub domain is created for each customer and this ensures tenant identification is robust and enables the architecture to isolate each tenant’s data completely.
Multitenancy Testing - Product goes through rigorous testing as per OWASP standards for multi-tenancy. This ensures logical segregation so that one tenant deliberately or inadvertently cannot interfere with the security (confidentiality, integrity, and availability) of the other tenants.
Role Based Access
Using access control lists (ACLs) to determine who can access data in the application and what they can do with it. (For example, Employee Salary information will be visible only to a few people in the organization – employee, his/her manager, HR manager and whoever is provided with the access to view this information, e.g. CEO).
All the features are controlled by role based privileges and for each privilege, the scope of data under consideration can also be configured. (For example, a department head can view the salary details of employees in his/her department only).
Synergita is hosted in Amazon cloud environment. The infrastructure is secured by the following means:
AWS assures 99.999% of availability for our hosting infrastructure. In the event of any network/hardware failure, we can easily setup the application in a different region and bring back the services in quick time.
All our services are continuously monitored by Site 24x7 (https://www.site24x7.com/) and in case of any interruption in the services, our production support team is alerted and the problem is attended to immediately, thereby ensuring best possible availability.
Security, within our cloud server, is provided on multiple levels: the operating system (OS) of the host platform, a firewall, and signed security HTTPS request calls. Each of these items builds on the capabilities of the others. The goal is to prevent the data contained within the server from being intercepted by unauthorized systems or users and to provide Amazon EC2 instances themselves that are as secure as possible.
Our development and QA teams are trained regularly on the web application security threats and the ways to avoid the same in software.Application & network level securities are put in place to protect the software against the top security issues. Some of them are given below:
IndusFace (https://www.indusface.com) is an award winning security platform and has appeared in the Gartner Magic Quadrants for Application Security Testing. Synergita uses IndusFace platform for security testing our product. Every major release is security tested and all the issues are fixed.
Disaster recovery is all about being prepared to manage the unforeseen circumstances. We have put in place all the standard processes/procedures to provide the best possible availability of all our services and also manage unexpected situations.