User Authentication
* IDOS encrypts sensitive data in transit and uses a CAPTCHA.
* After login authentication, the user is granted access according to the pre-defined user role established by the administrator of the business / user organization.
* IDOS uses token- and role-based authorization and ensures that each request to the server is accompanied by a signed token, which is verified for authenticity before a response is returned.
Multi-factor authentication
* A Completely Automated Public Turing test (CAPTCHA) is mandatory for every login attempt to ensure that the user is a real person and not a spam bot.
* We provide customers the additional security capability to opt for a TOTP (Time-based One-Time Password), which is generated and sent to the registered email at every login as an additional security measure.
Data in Transit
* SSL encryption
* Additional encryption is applied to passwords and other sensitive information.
* IDOS adopts token-based validation of requests.
* User accounts are locked after consecutive failed login attempts.
* Users are automatically logged out and the session expires after a certain / configured period of inactivity.
Data at Rest
* Sensitive information such as passwords is encrypted before being stored.
* After encryption, data masking / data obfuscation is applied.
* Data is stored behind a firewall.
* Only authorized members can access the data, and only with least privileges.
* Backups are encrypted according to the Microsoft Azure backup configuration in the cloud.
* Premium disks are used to store the data, and these are encrypted disks.
Elimination of Data Breach
* After successful authentication and authorization, each request is validated before processing using the token generated during authorization. If a request is sent from an unauthenticated source, IDOS rejects the request and logs out the user.
* User accounts are locked after a certain number of consecutive failed login attempts.
* Users are automatically logged out and the session expires after a certain / configured time.
* Role-based, least-privilege backend access is granted to users such as the DBA and support members, based on a written request and authorization by the customer for any support task.
* An account is allowed to log in from only one place / machine at any given time. If the user tries to log in from a second machine while a session from the first machine is active, the most recent login is given access and the earlier session automatically expires.
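Added example (not IDOS code): a minimal Python model of the rules described in this section and under Data in Transit, showing how a per-request signed token, account lockout, single active session and inactivity expiry fit together. The signing key, the lockout threshold, the idle timeout, the sample user and the token layout are all assumptions for the demo.

```python
import hmac, hashlib, secrets

SECRET = b"constructed-demo-key"  # assumption: server-side key, never sent to clients
MAX_FAILED = 3                     # assumption: the page only says "certain" attempts
IDLE_TIMEOUT = 900                 # assumption: seconds of inactivity before expiry

# constructed sample user; a real system stores a password hash, not the password
users = {"alice": {"password": "correct horse", "failed": 0, "locked": False}}
sessions = {}  # username -> {"token", "last_seen"}; one active session per account

def sign(payload: str) -> str:
    """HMAC-SHA256 over the token payload so clients cannot forge or alter it."""
    return hmac.new(SECRET, payload.encode(), hashlib.sha256).hexdigest()

def login(user: str, password: str, now: int):
    """Return a signed token on success, None otherwise. Locks after MAX_FAILED."""
    acct = users.get(user)
    if acct is None or acct["locked"]:
        return None
    if not hmac.compare_digest(password, acct["password"]):
        acct["failed"] += 1
        if acct["failed"] >= MAX_FAILED:
            acct["locked"] = True  # consecutive failures lock the account
        return None
    acct["failed"] = 0
    payload = f"{user}:{secrets.token_hex(16)}"
    token = f"{payload}:{sign(payload)}"
    sessions[user] = {"token": token, "last_seen": now}  # replaces any earlier session
    return token

def validate(token: str, now: int) -> bool:
    """Check signature, that this is the account's current session, and idle time."""
    try:
        user, nonce, sig = token.split(":")
    except ValueError:
        return False
    if not hmac.compare_digest(sig, sign(f"{user}:{nonce}")):
        return False  # tampered or forged token: reject
    sess = sessions.get(user)
    if sess is None or not hmac.compare_digest(sess["token"], token):
        return False  # superseded by a newer login elsewhere: earlier session is out
    if now - sess["last_seen"] > IDLE_TIMEOUT:
        sessions.pop(user, None)  # inactivity: expire the session
        return False
    sess["last_seen"] = now
    return True
```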
Elimination of data loss in IDOS
* Single point of access to resources using Azure Security
* Microsoft Azure MIP is configured for Data Loss Prevention as additional security.
* Multiple layers are used to access IDOS, such as the application gateway, firewall, web server and proxy / load balancer, and the application server acts only over SSL.
* Documents are uploaded only after validating the file type and performing a virus scan.