Multiple Levels of Security Threats

Site SecurityOur Security platform and process leverage on multiple levels of security. Security threats are a result of the various interaction points that an application provides to the external world, and the various users that can interact with these interfaces. For instance Your Customers, Your staff, Our Staff, Anonymous Internet Users and Third Party Servers are interacting with our Systems at any given point of time. Each of these actors need to have different access levels and different rights and permissions.

Security Goals

  • Privacy - Information within our infrastructure and systems will only be accessible by authorized users
  • Integrity - Data and information within our infrastructure cannot be tampered with by any unauthorized user
  • Data Protection - Data within the systems cannot be harmed, deleted or destroyed
  • Identification and Authentication - Ensures that any user of the system is who he claims to be and eliminates chances of impersonation
  • Network Service Protection - Ensures that networking equipment is protected from malicious hacking attempts or attacks that threaten uptime

Security Model

Firewall Protection
Our round-the-clock firewall protection system secures the perimeter and delivers the very best first line of defense. It uses highly adaptive and advanced inspection technology to safeguard your data, website, email and web applications by blocking unauthorized network access. It ensures controlled connectivity between the servers that store your data and the Internet through the enforcement of security policies devised by subject matter experts.

Network Intrusion Detection system
Our network intrusion detection, prevention and vulnerability management system provides rapid, accurate and comprehensive protection against targeted attacks, traffic anomalies, "unknown" worms, spyware/adware, network viruses, rogue applications and other zero-day exploits. It uses ultramodern high-performance network processors that carry out thousands of checks on each packet flow simultaneously with no perceivable increase in latency. As packets pass through our systems, they are fully scrutinized to determine whether they are legitimate or harmful. This method of instantaneous protection is the most effective mechanism of ensuring that harmful attacks do not reach their targets.

Timely Application of Updates, Bug Fixes and Security Patches
All servers are registered for automatic updates to ensure that they always have the latest security patch installed and that any new vulnerabilities are rectified as soon as possible. The largest number of intrusions result from exploitation of known vulnerabilities, configuration errors, or virus attacks where countermeasures ARE already available.

Periodic Security Scans
Frequent checks are run using enterprise grade security software to determine if any servers have any known vulnerabilities. The servers are scanned against the most comprehensive and up-to-date databases of known vulnerabilities. This enables us to proactively protect our servers from attacks and ensure business continuity by identifying security holes or vulnerabilities before an attack occurs.

Pre-Upgrade testing processes
Software upgrades are released frequently by various software vendors. while each vendor follows their own testing procedures prior to release of any upgrade, they cannot test inter-operability issues between various software. For instance a new release of a database may be tested by the Database vendor. However the impact of deploying this release on a production system running various other FTP, Mail, Web Server software cannot be directly determined. Our system administration team documents the impact analysis of various software upgrades and if any of them are perceived to have a high-risk, they are first beta-tested in our labs before live deployment.