Account Security

To prevent unauthorized access, Amara supports 2FA Authentication. To access your Amara’s account, apart from a user name and password, users can also activate a phone/email based OTP verification to create another layer of security.

Vulnerability Management

Squadgain Techlabs makes use of third-party services for VAPT(Internal vulnerability scanning and external perimeter testing). Security patches are automatically applied on all the systems whenever available.

Development Lifecycle

Developers at Squadgain follow certain security guidelines to make sure the products we create are secure in design, during development and after deployment.Security testing and Risk analysis activities are part of our secure SDLC process. Internal pen testing using open source tools like Open VAS is done on staging before every release to ensure that there are no vulnerabilities or risks in the release branch and another scan is done on production post release.

Encryption

We use encrypted connections (HTTPS, SSL, TLS, FTPS, etc) to protect the contents of data in transit. AWS KMS CMKs symmetric keys and asymmetric keys are used to encrypt data at rest for Database (RDS), Storage Volumes (EBS), Static Resources(S3), ElastiCache, Route 53, Lambda. AWS KMS CMKs are protected by hardware security modules (HSMs) that are validated by the FIPS 140-2 Cryptographic Module Validation Program Automatic rotation is enabled for CMKs.

Asset Management

We have a well documented Asset Management Policy in place which defines Asset management practices that are used to ensure that technology assets are properly allocated to end-users to optimize usage and workplace productivity

Infrastructure Management

We employ robust access controls to limit access to infrastructure. Any access to our infrastructure is logged and we restrict any direct access to the production infrastructure. Access to infrastructure components go through a strong approval process and the access is routed via a bastion host to prevent any attack from the public internet.

Application Firewalls

All our applications are placed behind a Web Application Firewall(WAF) that helps protect our web applications or APIs against common web exploits and bots that may affect availability, compromise security, or consume excessive resources.

Redundancy

All our applications are reliable, fault-tolerant, and highly available as we have servers in multiple availability zones placed under load balancers and are auto-scalable. Our systems are designed to remain in operation even if some of the components used to build the system fail.

Data Backup

Regular backups with high redundancy are performed for all Squadgain customers. For EC2 instances automatic AMI's are created everyday. An Amazon Machine Image (AMI) stores the information required to launch an instance. Using AWS AMI’s we can launch a machine with the stored configuration at any point in time. All the data stored on the EBS volumes associated with our EC2 instances are backed up to Amazon S3 by taking point-in-time snapshots. Automatic backups are also created for the databases and the database can also be restored to any point back in time upto 72 hours. All the backups are encrypted. We use AWS Backup to centralize and manage data backups and protection across various AWS services

ISO 27001:2013

We follow the guidelines and policies which are aligned with the ISO 27001:2013. It is one of the most widely recognized independent international security standards. You can get access to the certificate by writing to Privacy@hirexp.com

Our GDPR Readiness Checklist

• DPA updated
• Terms of service updated
• Privacy Policy updated
• Data Protection Officer appointed
• GDPR training given to all employees that handle customer data