Security is one of the critical requirements for the success of any SAAS based product hosted in cloud environment. Our solution architects have given utmost importance to security while designing the product & deployment architecture. This page provides a high level overview of the security consideration. Kindly click on the attachment for a more detailed document.
Synergita Deployment Model
Synergita is hosted on Amazon Cloud Environment (AWS) which provides and ensures a secure environment for deployment of the solution and keep the data safe. Amazon EC2 firewall illustrated in the attachment is used for perimeter and environment security.
All sensitive data are encrypted using 3DES (Triple Data Encryption Algorithm) before it gets uploaded to AWS for storage.
Synergita architecture allows enabling encryption for all important fields as per the requirement of tenants.
SSL Protocol for encryption of data is implemented to ensure secure data transfer over the network and to prevent leakage of sensitive information between the web browser and the AWS Server.
Significant protection against traditional network security issues such as DDoS attacks, MITM attacks, IP Spoofing, Port Scanning, Packet Sniffing etc., is ensured by using appropriate plugin's and encryption methods to overcome them.
All login credentials are encrypted before storage in the database to prevent any unauthorized access. Tenants shall avail LDAP based authentication and not store credentials in cloud.
Synergita has a mature multi-tenant architecture to ensure tenant data isolation in all layers (View, Service and Data). This architecture and development practices ensures tenant data do not mix-up between multiple tenant / tenant hierarchy.
Data layer conducts additional validations to ensure data retrieved belongs to the tenant of logged-in user.
Synergita is security tested in compliance with OWASP standards & recommended approaches and tools.
All the databases are backed-up regularly to facilitate quick recovery and to prevent any data loss.
Full Server (system) backup to EBS (Amazon - Elastic Block Store) is performed periodically.
Incremental backup of server is performed frequently.
Roles & Privilege's - Use of access control list (ACLs) to determine who can see what
All the product features are controlled by role based privilages and for each privilege scope of data under consideration can be configured
Synergita is designed with security in mind and is deployed in a secure cloud environment & employ industry recognized security safeguards to help protect personally identifiable information from loss, misuse, unauthorized access and unauthorized alteration.