Security
The importance of security and compliance will continue to grow as more companies adopt fintech technologies. GO is a platform that offers a seamless and secure onboarding experience for users without requiring any coding expertise. With GO, banks and NBFCs can quickly create and deploy user-friendly onboarding flows tailored to their specific needs.

A significant advantage of GO is its security. With built-in security features and encryption, banks and NBFCs can be confident that their users' data is protected at all times. This provides peace of mind for them and their customers, and it helps build trust and credibility for their brand.

Attributes checked by GO at all stages

1. VPC environment security

In a public cloud environment, one way to provide extra security for customers' data is to create a virtual private cloud (VPC). A VPC provides on-demand, configurable pools of shared resources that separate one customer's data from that of other customers.

- Two-factor authentication is enabled in the VPC environment.
- Disk-level encryption is enabled, with 2048-bit RSA keys.
- SSH keys are generated for each unique user and destroyed when that user departs. SSH keys are never reused.
- Centralized key management is done by the Signzy IT team.
- Monitoring and logging of user activity is enabled.

2. Application process security

- There is no direct access from the user-interface layer to the database layer.
- Applications and systems are ISMS-audited and compliant with ISO 27001 guidelines.
- Application executable files and source code are restricted from unauthorized access.
- Session timeouts can be set to match office hours, and logins can be restricted.
- Privilege and access management is in place for granting access rights to users.
- A password management policy is in place. Password complexity, auto-expiry, lockout after a designated number of invalid attempts, lockout timer, forced change at first login, secure reset, and similar settings can be configured before implementation.
- Security logging: security events, audit trails, and logs of administrator and user activity are enabled to monitor for and detect suspicious activity.
- Application security: Signzy provides, maintains, and supports its software and subsequent updates, upgrades, and bug fixes so that the software is and remains secure from vulnerabilities.
- IP whitelisting: Signzy can restrict platform access to a limited number of known locations / IP addresses, both for accessing the service and for accessing platform administrative consoles.

3. Connectivity security

- TLS 1.2 is recommended for all communication.
- An endpoint firewall is enabled on each server.

Understanding TLS

The Transport Layer Security (TLS) protocol, like Secure Sockets Layer (SSL) before it, encrypts data before it is sent over a network. To learn more about TLS and how to enable it, see https://docs.microsoft.com/en-us/mem/configmgr/core/plan-design/security/enable-tls-1-2#:~:text=TLS%201.2%20is%20more%20secure,across%20the%20network%20more%20secure

What is an endpoint firewall

An endpoint web application firewall (endpoint WAF) runs within the application itself. It is aware of the software used inside the website and understands how it is built, who the visitors are by their permissions, and whether or not they are authenticated.

4. DB cluster

- Each cluster is assigned a unique SSH key (RSA 2048-bit).
- Access to each database is controlled by its own unique set of credentials.
- Permissions for every database user are limited by the principle of least privilege: read and write rights are granted only where needed.

5. Data storage

- The data storage location is governed by local regulations. Storage is currently available in India only, to comply with regional data privacy laws.
- Custom TTL configuration can be performed according to the customer's requirements.
- The data purge API can be customized to meet the specific needs of each customer, allowing automated deletion of data based on individual configuration preferences. No explicit API calls are needed: the purge can be scheduled to run automatically through a cron configuration.

6. Automated backup

- Audit logs are backed up daily to an external, isolated, access-controlled Amazon S3 bucket owned by Signzy.
- The storage duration for PII data is defined by regulatory mandates.
- PII data is not automatically backed up, for regulatory compliance reasons. This can be enabled for an individual client on request.

Getting help

Please feel free to contact us if you have any questions, require clarification, or have ideas for how to make the documents or any of our services better. You can reach us at help@signzy.com
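The IP whitelisting described under section 2 (Application process security) restricts both the service and the administrative console to known source addresses. The Go program below is an added example of how such a gate is commonly implemented; it is not Signzy's code. The CIDR ranges, the `/admin/` path prefix and the `Gate`/`Allowlist` names are assumptions for illustration. The practitioner's caveat it encodes: the decision is made on the TCP peer address only, never on `X-Forwarded-For`, because a client can set that header freely; if the service sits behind a load balancer, the balancer must pass the real client address (PROXY protocol, or a trusted-proxy rewrite of the header) before a check like this is meaningful.

```go
package main

import (
	"fmt"
	"net"
	"net/http"
	"net/http/httptest"
	"net/netip"
	"strings"
)

// Allowlist is a set of CIDR prefixes a caller may connect from.
type Allowlist []netip.Prefix

// NewAllowlist parses CIDR strings; a malformed entry fails closed (no list is built).
func NewAllowlist(cidrs ...string) (Allowlist, error) {
	var al Allowlist
	for _, c := range cidrs {
		p, err := netip.ParsePrefix(c)
		if err != nil {
			return nil, fmt.Errorf("allowlist entry %q: %w", c, err)
		}
		al = append(al, p.Masked())
	}
	return al, nil
}

// Contains reports whether ip falls inside any prefix. IPv4-mapped IPv6 peers
// (::ffff:a.b.c.d, common on dual-stack listeners) are unmapped first so that
// IPv4 rules still match them.
func (al Allowlist) Contains(ip netip.Addr) bool {
	ip = ip.Unmap()
	for _, p := range al {
		if p.Contains(ip) {
			return true
		}
	}
	return false
}

// peerAddr takes the address from the TCP connection. X-Forwarded-For is
// deliberately ignored: it is attacker-controlled unless a trusted proxy rewrites it.
func peerAddr(r *http.Request) (netip.Addr, bool) {
	host, _, err := net.SplitHostPort(r.RemoteAddr)
	if err != nil {
		return netip.Addr{}, false
	}
	ip, err := netip.ParseAddr(host)
	return ip, err == nil
}

// Gate holds two lists, as the page describes: one for the service itself and a
// tighter one for the administrative console. (Assumed structure, not Signzy's.)
type Gate struct {
	Service Allowlist
	Admin   Allowlist
}

// Middleware rejects any request whose peer is outside the list for its path.
// An unparseable peer address is treated as not allowed (fail closed).
func (g Gate) Middleware(next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		list := g.Service
		if strings.HasPrefix(r.URL.Path, "/admin/") { // assumed console path prefix
			list = g.Admin
		}
		ip, ok := peerAddr(r)
		if !ok || !list.Contains(ip) {
			http.Error(w, "forbidden", http.StatusForbidden)
			return
		}
		next.ServeHTTP(w, r)
	})
}

// Probe drives the middleware with a constructed request and returns the HTTP status.
// remoteAddr stands in for the TCP peer; xff, if non-empty, is an attacker-supplied header.
func Probe(g Gate, remoteAddr, xff, path string) int {
	h := g.Middleware(http.HandlerFunc(func(w http.ResponseWriter, _ *http.Request) {
		w.WriteHeader(http.StatusOK)
	}))
	req := httptest.NewRequest(http.MethodGet, path, nil)
	req.RemoteAddr = remoteAddr
	if xff != "" {
		req.Header.Set("X-Forwarded-For", xff)
	}
	rec := httptest.NewRecorder()
	h.ServeHTTP(rec, req)
	return rec.Code
}

func main() {
	// Constructed sample ranges (RFC 5737 / RFC 3849 documentation addresses).
	service, _ := NewAllowlist("203.0.113.0/24", "2001:db8::/32")
	admin, _ := NewAllowlist("203.0.113.8/29")
	g := Gate{Service: service, Admin: admin}
	fmt.Println("office client, service:        ", Probe(g, "203.0.113.7:51234", "", "/api/onboard"))
	fmt.Println("office client, admin console:  ", Probe(g, "203.0.113.7:51234", "", "/admin/users"))
	fmt.Println("ops host, admin console:       ", Probe(g, "203.0.113.9:51234", "", "/admin/users"))
	fmt.Println("stranger spoofing XFF, service:", Probe(g, "198.51.100.9:4000", "203.0.113.7", "/api/onboard"))
	fmt.Println("v4-mapped office client:       ", Probe(g, "[::ffff:203.0.113.7]:9", "", "/api/onboard"))
}
```

The admin list is a subset of the service list on purpose: an address allowed to call the onboarding API is not automatically allowed into the console. The allowlist is a perimeter control only; authentication and the privilege management the page describes still apply behind it.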
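Section 3 (Connectivity security) recommends TLS 1.2 for all communication, and the "Understanding TLS" note points to Microsoft's guidance on enabling it. The Go program below is an added example, not Signzy's code, of what that recommendation means in a server configuration and of how to verify it: a server with `MinVersion: tls.VersionTLS12` is placed beside one that still accepts TLS 1.0, and each is probed with clients pinned to TLS 1.0, 1.1, 1.2 and 1.3. The self-signed certificate is generated in-process so the example runs offline; `InsecureSkipVerify` on the probing client exists only because of that throwaway certificate and is not something to carry into production.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/tls"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"net"
	"time"
)

// selfSignedCert builds a throwaway certificate for the loopback test server.
// Constructed for this example; it stands in for the real server certificate.
func selfSignedCert() (tls.Certificate, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return tls.Certificate{}, err
	}
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(1),
		Subject:      pkix.Name{CommonName: "localhost"},
		NotBefore:    time.Now().Add(-time.Hour),
		NotAfter:     time.Now().Add(time.Hour),
		IPAddresses:  []net.IP{net.IPv4(127, 0, 0, 1)},
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil {
		return tls.Certificate{}, err
	}
	return tls.Certificate{Certificate: [][]byte{der}, PrivateKey: key}, nil
}

// HardenedServerConfig is the recommended setting: nothing below TLS 1.2 is negotiated.
func HardenedServerConfig(cert tls.Certificate) *tls.Config {
	return &tls.Config{Certificates: []tls.Certificate{cert}, MinVersion: tls.VersionTLS12}
}

// LegacyServerConfig is the weak setting shown for contrast: TLS 1.0 and 1.1 clients are still accepted.
func LegacyServerConfig(cert tls.Certificate) *tls.Config {
	return &tls.Config{Certificates: []tls.Certificate{cert}, MinVersion: tls.VersionTLS10}
}

// handshakeWith serves a single connection with srvCfg on a loopback listener and dials it
// with a client pinned to exactly protocol version v. It reports whether the handshake completed.
func handshakeWith(srvCfg *tls.Config, v uint16) (bool, error) {
	ln, err := tls.Listen("tcp", "127.0.0.1:0", srvCfg)
	if err != nil {
		return false, err
	}
	defer ln.Close()
	go func() {
		c, err := ln.Accept()
		if err != nil {
			return
		}
		defer c.Close()
		_ = c.(*tls.Conn).Handshake() // a failed handshake is the expected outcome for rejected versions
	}()
	cliCfg := &tls.Config{
		MinVersion:         v,
		MaxVersion:         v,
		InsecureSkipVerify: true, // throwaway self-signed cert above; never do this against a real endpoint
	}
	conn, err := tls.Dial("tcp", ln.Addr().String(), cliCfg)
	if err != nil {
		return false, nil // server refused this protocol version
	}
	conn.Close()
	return true, nil
}

// ProbeVersions reports, per TLS version, whether a server using srvCfg accepts it.
func ProbeVersions(srvCfg *tls.Config) (map[uint16]bool, error) {
	out := map[uint16]bool{}
	for _, v := range []uint16{tls.VersionTLS10, tls.VersionTLS11, tls.VersionTLS12, tls.VersionTLS13} {
		ok, err := handshakeWith(srvCfg, v)
		if err != nil {
			return nil, err
		}
		out[v] = ok
	}
	return out, nil
}

func main() {
	cert, err := selfSignedCert()
	if err != nil {
		panic(err)
	}
	for _, s := range []struct {
		name string
		cfg  *tls.Config
	}{{"legacy", LegacyServerConfig(cert)}, {"hardened", HardenedServerConfig(cert)}} {
		res, err := ProbeVersions(s.cfg)
		if err != nil {
			panic(err)
		}
		fmt.Printf("%-8s TLS1.0=%v TLS1.1=%v TLS1.2=%v TLS1.3=%v\n", s.name,
			res[tls.VersionTLS10], res[tls.VersionTLS11], res[tls.VersionTLS12], res[tls.VersionTLS13])
	}
}
```

The same probe technique applies to a deployed endpoint: dial it with `MinVersion` and `MaxVersion` both set to an old version and confirm the handshake fails. The floor belongs on the server, since the page's recommendation has to hold regardless of what any one client offers.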