To solve the business problems, we provide software as a service (SaaS) to millions of users. Security is a component in which we are offering data security, operational security and physical security. This was being reflected in our people, process and products. Our security strategy involves the following:
Our Information Security Management System (ISMS) is based up on our Security Objectives. We are taking strict policies and procedures according to the security availability, processing, integrity and confidentiality of customer details.Employee Background Checks
Every employee undergoes a process of verification of details. With the help of external reputed agencies to perform the check. We are doing this to search if they have any criminal records also to verify the previous employment records and the educational backgroundSecurity Awareness
Each employee had to sign a Confidentiality agreement and acceptable user policy after the training in information security, privacy and compliance. Furthermore, We evaluate their understanding through their tests and quizzes to analyze which topics what they had further training in. We evaluate each employee based on the security practices of the organization. Also the employees can check any compliance in our internal community. They are even being educated continually in Information Security. We also host internal events to give awareness and drive innovation in privacy and security.Dedicated Security and Privacy Terms
To implement and manage our security and Privacy programs, we have dedicated security and privacy teams. They maintain our defense systems, allow develop review process for security and constantly analyze our network to detect suspicious activity. They provide specific consulting services and guidance to our engineering teams.Internal Audit and Compliances
To implement and manage our security and Privacy programs, we have dedicated security and privacy teams. They maintain our defense systems, allow develop review process for security and constantly analyze our network to detect suspicious activity. They provide specific consulting services and guidance to our engineering teams.Endpoint Security
Our employees are issued with workstation provided with newly updated O.S version, having configured with antivirus software. They are configured in such a way that all workstations are properly configured, patched and be tracked also monitored by our own endpoint management solutions. These workstations are secure as they are configured to encrypt data at rest, have strong passwords and get locked when they are not working. Mobile devices used for business purpose are enrolled in such a way that they meet our security needs.
We provide different access cards to employees, contractors, vendors and visitors. That only allows strictly entrance in to the premises. Human Resources (H R) team establishes and maintains specific roles. Also we maintain access logs to spot anomalies. We allow users to access our resources (buildings, infrastructure and facilities with the help of access code.At Datacenters
Datacenter’s access is restricted to small group of authorized persons. At our datacenters, we provide servers and storage to the co-location providers they have the responsibility of building, coding, power and physical Security. We provide other access as ticket and that allowed only after the approval of respective managers. Besides this two factor authentication are required to enter the premises. Access logs, activity records and camera footage are also available in case of any incident occurs.Monitoring
The entry and exit movements throughout our premises are monitored accordingly in all our business centers and data centers through C.C.T.V cameras. Back up footage is also available according to the requirements for that location.
The entry and exit movements throughout our premises are monitored accordingly in all our business centers and data centers through C.C.T.V cameras. Back up footage is also available according to the requirements for that location.Network Redundancy
We are using distributed grid architecture to shield our system from the possible server failures. If there occurs a server failure, users can carry on as usual because their data and our services will always available to them. To ensure device level redundancy, we additionally use multiple switches, routers and security gateway. This prevents failures in internal network.DDOS Prevention
To prevent DDOS attacks on our servers, we use technologies from well established and trustworthy service providers. To prevent disruptions caused by bad traffic while allowing good traffic, these technologies offer multiple DDOS mitigation capabilities. This makes our website applications and APIs performing highly available.Server Hardening
By disabling unused ports and accounts, removing default passwords, the servers provisioned for development and testing activities are hardened. To ensure consistency the base operating System (O.S) image has server hardening built in to it and this Operating System image is in the servers.
Discover Tkies services