Protecting your data
Multi-tiered data security model
Security By Design
200+ enterprises across the globe trust us with their data security. We back ourselves up with robust data security and privacy practices that form an integral part of our product engineering and service delivery principles. Following the tenets of security by design, security is at the heart of how we build our products, secure your data and provide high resiliency. We have top-down governance and security in our DNA that lets us constantly wade through our threat vectors and calibrate to strengthen our security posture. That way, we align to the changing business and technology landscape.
Behind the scenes
Secure Product Build
End-to-end security in product lifecycle
Highly Resilient Architecture
Always lights-on for your business
Virtual Private Cloud
Hosted in dedicated VPCs in non-promiscuous mode that are further segmented for increased security and manageability.
Perimeter Security
Routing rules hardened based on pre-established criteria for various permissible transactions across all resources.
Access Controls
Role-based access through IAM that enforces segregation of duties, two-factor authentication and end-to-end audit trails ensuring access is in accordance with security context.
Encryption
AES 256 bit encryption for data at Rest and HTTPS with TLS 1.2 encryption for data in transit.
Management Plane
Secure administrative tunnel with whitelisted IP addresses for secure connection to the servers for administrative purposes, through a bastion host.
Malware & Spam Protection
Malware and Spam protection applied based on latest threat signatures and supports real-time scanning and security.
Product Roadmapping
Product road-map is defined and reviewed periodically by the Product Owner. Security fixes are prioritized and are bundled in the earliest possible sprint.
DevOps Squad
Our DevOps sprints are powered by a multi-disciplinary Squad of members including the Product Owner, Squad Lead, Tribe Lead and Members, and Quality Assurance.
Code Review
All changes are tested by the Quality Assurance team and criteria are established for performing code reviews, web vulnerability assessment, and advanced security tests.
Quality Assurance
Builds are put through a stringent functionality tests, performance tests, stability tests, and Ux tests before the build is certified "Good to go".
Version Control
Source Code is managed centrally with version controls and access restricted based on various teams that are assigned to specific sprints. Records are maintained for code changes and code check-ins and check-outs.
Segregation of Duties
Access to the production is restricted to very limited set of users based on the job roles. Access to the production environment for developers and Quality Assurance team members are restricted based on their job responsibilities.
Component Redundancy
All components are deployed in ‘n+1’ mode across multiple availability zones configured in active - active mode behind a load balancing service.
Highly Scalable DNS
Route users to the best endpoint based on geo-proximity, latency, health, and other considerations.
Platform Load Balancing
Automatically distribute application traffic across multiple availability zones that support high availability, auto-scaling and robust security.
Data Backup
Near real-time backups are maintained in another Availability Zones. Cloud Snapshots are taken every day and retained for the last seven days.
Cross Geo Redundancy
Mirrored multiple Availability Zones are setup and serves customers in real-time thereby providing seamless DR capability.
Incident & Breach Management
Procedures are established for reporting incidents, and tracking it for timely communication, investigation and resolution.
Content Distribution Network
Geographically distributed network of proxy servers and their data centers. The goal is to distribute service spatially relative to end-users to provide high availability and high performance.
Capacity Management
Proactive capacity monitoring based on conservative thresholds and on-demand capacity expansion capability through our highly elastic hosting partners.
For any further queries please write to us at security [at] clickpost [dot] in