PHYSICAL SECURITY

To maintain the security of information and data stored by customers online, SalezShark ensures and maintains several security checks in the physical domain of the stored data. Following are a few practices that help SalezShark ensure all round security for its users:

• Authorized Personnel Access: Physical access to the data environment is limited to authorized personnel only. This access is given to an individual only after verifying the need and eligible requirement, such as to manage customers’ applications and services. Further, a few more security processes such as double authentication for physical access, round the clock video surveillance and on premise security officers secures the data center environment.


• Physical Monitoring: Over the limitation of physical access, the data center is further secured with motion sensors, 100 percent- secured access protected with security alarms and video surveillance.


• Disaster Risk Management: Provision to sustain through seismic disasters and also well equipped for prevention of fire break outs.


• Climate Control and Measurement: Constant and continuous measurement of humidity, temperature is carried out to ensure smooth running of the equipment.


• Secure Network Design: The SalezShark network is designed in a way which ensures necessary segmentation of critical servers and public facing interfaces.


• Enhanced Hardware: The hardware that is used at SalezShark’s data centre works in the most efficient and secure manner, keeping in mind the security practices followed by SalezShark. These equipment’s efficiency helps the company save power and costs, the benefits of which are then extended to our esteemed customers.

LOGICAL SECURITY

Logical Security at SalezShark plays an equally important role as Physical Security. The following practices followed will give an over- all picture of the logical security level maintained by SalezShark for its customers.

• Data Segregation/ Isolation: It is ensured at all times that the multiple customer data is segregated and is allowed access to the respective customer only. Data isolation and various logically induced security boundaries, also help SalezShark in maintaining separate database for each customer without giving access to or being compromised by any other user.


• Hosted Application Security: SalezShark ensures that the applications hosted by its data center are monitored under strict security controls and measures, at all times. The following features enable SalezShark maintain the required security:
  
  
  • Customizable Security Roles: SalezShark controls the user access and the activities that can be performed by them
  
  
  • Role Based Forms: Manages the visibility of data as per each individual’s role.
  
  
  • Data Encryption: To maintain confidentiality of data, all customer information in the database is encrypted by strong encryption algorithms.
  
  
  • Field-Level Security: As per the field level security settings, administrator can restrict users’ access to view and edit specific fields.
  
  
  • Group Creation and Management: Private Groups can be created and managed to keep data within a certain group of members.
  
  
  • Subscriber Management (Super Admin): System subscribers are controlled and managed to ensure segregation of organizational data at all times.
  
  
  • Profile Management (User profile): Separate profiles with different levels of access rights are created to maintain User Access and to ensure optimum use of the product.
  
  
  • Role Management (Organizational Hierarchy): Roles are listed and defined at the time of setting up of the system, to maintain organizational hierarchy.
  
  
  • User Management (Assign Role & Profile): Easy and user-friendly interface is established to manage the logged in users for any organization which has subscribed to SalezShark.


• Infrastructure level Security: A multi – tier administration model which separates administrative activities and access controls as per the user role and level of authorized administrative access.


• Network Level Security: Internet connections established between customers and SalezShark data centers are encrypted with the help of TLS and SSL. By doing this, the data is given complete security and confidentiality between the customer internet location and data center. SalezShark’s network security practices also ensure 99.9 percent network availability.


• Identity and Access Management: Following are the methods that control access to the systems hosting SalezShark.
  
  
  • Staff Level Access Control: To safeguard the customers of SalezShark and their assets/ information, an access control policy has been established. This access privilege is granted based on authority, duty and identity verification.
  
  
  • Pro- active Host Security: SalezShark’s online security is enhanced by proactively securing the host system.
    • Server hardening by disabling unnecessary service
    • Logging and auditing
  
  
  • Restricted access to service:
    • Content inspection
    • Hardened servers
    • Sessions protected by SSL/TLS