Security

Workativ has implemented robust security processes and controls that are in compliance with industry-leading standards and regulations. Workativ ensures data security, operational security, and physical security on our platform with highly secure and reliable services.

  • Virtual Private Cloud
    Virtual Private Cloud

    Workativ is hosted in AWS VPCs in the non-promiscuous mode and further segmented for increased security and manageability.

  • Access Controls
    Access Controls

    Workativ implements role-based access through IAM that enforces segregation of duties, two-factor authentication, and end-to-end audit trails, ensuring access is in accordance with security policy.

  • Encryption
    Encryption

    AES 256 bit encryption with 1,024-bit key-strength for data at Rest and TLS encryption for data in transit.

  • Multi-Factor Authentication
    Multi-Factor Authentication

    AWS console login users have MFA token authentication.

  • Use SSH Keys Authentication
    Use SSH Keys Authentication

    Workativ uses PEM key files for server authentication.

  • SSL Encription
    SSL Encription

    All external HTTP requests are secured end to end.

  • Malware & Spam Protection
    Malware & Spam Protection

    We regularly apply malware and spam protection based on the latest threat signatures and support real-time scanning and security.

  • Perimeter Security
    Perimeter Security

    Routing rules are hardened based on pre-established criteria for various permissible transactions across all resources.

  • Management Plane
    Management Plane

    Secure administrative tunnel with whitelisted IP addresses for secure connection to the servers for administrative purposes, through a bastion host.

  • Secure Endpoints
    Secure Endpoints

    Workativ provides secure transactions with end-to-end encryption and secure server-to-server file transfers.

  • Maintain Specific Security Groups
    Maintain Specific Security Groups

    Workativ provides port-based and IP based access to the server for the whitelisted IPs.

  • Private Network Database
    Private Network Database

    Our database servers remove connection attempts or access from the Internet.

  • AWS Cloud Trail
    AWS Cloud Trail

    We monitor AWS console user log events.

  • Alerting Systems
    Alerting Systems

    We monitor Service and Application logs through alerts.

  • Update and Upgrade Software Regularly
    Update and Upgrade Software Regularly

    We update server and security patches regularly.

  • Segregation of Duties
    Segregation of Duties

    Access to the production is restricted to a minimal set of users based on job roles. Access to the production environment for developers and Quality Assurance team members are limited based on their job responsibilities.

  • Code Review
    Code Review

    The Quality Assurance team tests all changes and criteria established for performing code reviews, web vulnerability assessment, and advanced security tests.

  • Version Control
    Version Control

    The source code is managed centrally with version controls, and access restricted based on various teams assigned to specific sprints. Records are maintained for code changes and code check-ins and check-outs.

  • Microcontainer Deployments
    Microcontainer Deployments

    We use docker virtualization technology for service isolation and high availability.

  • Quality Assurance
    Quality Assurance

    Builds undergo stringent functionality tests, performance tests, stability tests, and UX tests before being certified for go-live.

  • DevOps Squad
    DevOps Squad

    Our DevOps sprints are led by a multidisciplinary Squad of members, including the Product Owner, Squad Lead, Tribe Lead and Members, and Quality Assurance.

  • Product Roadmapping
    Product Roadmapping

    Product road-map is defined and reviewed periodically by the ‘Head of Products’. Security fixes are prioritized and bundled in the earliest possible sprint.

  • Platform Load Balancing
    Platform Load Balancing

    Workativ automatically distributes application traffic across multiple availability zones that support high availability, auto-scaling, and robust security.

  • Capacity Management
    Capacity Management

    We undertake proactive capacity monitoring based on conservative thresholds and on-demand capacity expansion capability through our highly elastic hosting partners.

  • Component Redundancy
    Component Redundancy

    All components are deployed in ‘n+1’ mode across multiple availability zones configured in active-active mode behind a load balancing service.

Navigated to Security