I am an embodied conversational bot who can chat with your employees and candidates at critical touchpoints and predict those who are highly disengaged or unhappy.
This page summaries some of the measures we have in place to ensure your data is safe.
To increase awareness about security we ensure that all the new employees attend a mandatory session on Information Security. Apart from this, there’s also a yearly training for all the employees.
It’s mandatory that all the candidates should go through a security check before being offered a senior position at Squadgain Techlabs.
To prevent unauthorized access, Amara supports 2FA Authentication. To access your Amara’s account, apart from a user name and password, users can also activate a phone/email based OTP verification to create another layer of security.
Squadgain Techlabs makes use of third-party services for VAPT(Internal vulnerability scanning and external perimeter testing). Security patches are automatically applied on all the systems whenever available.
Developers at Squadgain follow certain security guidelines to make sure the products we create are secure in design, during development and after deployment.Security testing and Risk analysis activities are part of our secure SDLC process. Internal pen testing using open source tools like Open VAS is done on staging before every release to ensure that there are no vulnerabilities or risks in the release branch and another scan is done on production post release.
We use encrypted connections (HTTPS, SSL, TLS, FTPS, etc) to protect the contents of data in transit. AWS KMS CMKs symmetric keys and asymmetric keys are used to encrypt data at rest for Database (RDS), Storage Volumes (EBS), Static Resources(S3), ElastiCache, Route 53, Lambda. AWS KMS CMKs are protected by hardware security modules (HSMs) that are validated by the FIPS 140-2 Cryptographic Module Validation Program Automatic rotation is enabled for CMKs.
All critical incidents are monitored and reported 24/7 through email. A dedicated team monitors and identifies the threat.
All computing resources not limited to server, desktops, laptops, network devices are monitored to ensure conformity to logical access policies and procedures.
We have a well documented Asset Management Policy in place which defines Asset management practices that are used to ensure that technology assets are properly allocated to end-users to optimize usage and workplace productivity
We employ robust access controls to limit access to infrastructure. Any access to our infrastructure is logged and we restrict any direct access to the production infrastructure. Access to infrastructure components go through a strong approval process and the access is routed via a bastion host to prevent any attack from the public internet.
All our applications are placed behind a Web Application Firewall(WAF) that helps protect our web applications or APIs against common web exploits and bots that may affect availability, compromise security, or consume excessive resources.
All our applications are reliable, fault-tolerant, and highly available as we have servers in multiple availability zones placed under load balancers and are auto-scalable. Our systems are designed to remain in operation even if some of the components used to build the system fail.
Squadgain utilizes AWS data centers for all the production data & customer information. AWS provides enterprise encryption and security. They also make sure to continuously monitor their cloud infrastructure for suspicious activity. To know more you can visit – https://aws.amazon.com/security/
Squadgain has security policies and protocols that manage the entry of employees and visitors to our office locations. Employees, contractors and visitors are provided access badges that clearly distinguish the roles and provide access to physical locations based on their roles. CCTV cameras are used to monitor specific areas of the workspace.
Regular backups with high redundancy are performed for all Squadgain customers. For EC2 instances automatic AMI's are created everyday. An Amazon Machine Image (AMI) stores the information required to launch an instance. Using AWS AMI’s we can launch a machine with the stored configuration at any point in time. All the data stored on the EBS volumes associated with our EC2 instances are backed up to Amazon S3 by taking point-in-time snapshots. Automatic backups are also created for the databases and the database can also be restored to any point back in time upto 72 hours. All the backups are encrypted. We use AWS Backup to centralize and manage data backups and protection across various AWS services
We follow the guidelines and policies which are aligned with the ISO 27001:2013. It is one of the most widely recognized independent international security standards. You can get access to the certificate by writing to Privacy@hirexp.com
Global Compliance Certifications
If you have any questions or concerns about our Policies, data collection or data processing practices, please contact us at the firstname.lastname@example.org