Safeguarding Customer Data

At Paladion, we are committed to earning the trust of our customers by safeguarding data and conforming to industry standards for security and privacy.

Our security model covers physical, network, operational, organizational, and application security requirements.

Physical Security

Our assets are hosted in data centers as well as cloud infrastructure. When hosted in data centers, we ensure that:

Our data centers comply with industry standards (ISO 27001 and SSAE 18 SOC 2) for physical security and availability. The centers are managed and monitored by our authorized in-house personnel.

Perimeter

  • Multiple physical layers of defense
  • 24/7 on-site security staff

Building

  • Entry control alarms
  • Biometric authentication systems
  • Security cameras

ODC

  • ODC-specific access control
  • Digital surveillance systems
  • Entry control alarms

For cloud hosting, we use Azure’s public cloud service platform, taking advantage of Azure’s wide array of security tools and capabilities.

Availability and Access

Our business continuity program ensures consistent service uptime across all hosted environments. Disaster recovery infrastructure is located both on premises and in the Azure cloud.

We ensure that only persons with a need to know have access to customers’ data. Access is periodically reviewed to ensure security of the production assets.

Scheduled Data Backups

Fault domains are enabled on all VMs with geo-redundant storage for backing up data from the 24/7 production servers. In the event of downtime, data is restored to the last recovery point.

Network and Operations Security

Network Protection

Our network infrastructure securely controls the inbound and outbound network traffic using network security procedures such as:

  • Multi-layer firewall architecture
  • VLAN segmentation for network isolation
  • Secure site-to-site VPN access for private transmission
  • Dedicated VPNs with SSL encryption within and between deployments

Update Management

We have ongoing processes in place to manage installation and distribution of security updates for OS, web applications, databases and libraries. We utilize a blend of manual testing and third-party tools to determine the network security posture and apply patches for all critical identified vulnerabilities.

Monitoring and Logging

All critical network devices are centrally monitored through our advanced MDR platform to provide continuous visibility and timely alerts on unauthorized access and login failures. Our MDR platform uses AI-driven techniques to proactively identify, investigate and analyze threats.

Antivirus and Malware

AV and anti-malware programs run on all systems, and systems are re-imaged if malware is not cleaned.

Red Teaming Exercises for Security Hygiene

We conduct regular vulnerability assessments and penetration testing. These assessments are done on all internal and public-facing IPs, utilizing both manual and tool-based testing.

Data encryption

We use TLS with 256-bit AES encryption to protect data in transit over a secure site-to-site VPN. For cloud-based data, we leverage Azure security controls and standard protocols to encrypt traffic between the VMs.

Organizational Security

Information Security Management System

We address information security management with a triad approach. A focus on processes, people, and technology delivers optimized solutions to customers. Our comprehensive ISMS Framework encompasses policies and procedures to systematically manage sensitive, restricted and confidential internal and customer data. 

Application Security

Secure coding practices and product security are part of the product development life cycle processes. Industry-accepted security practices are applied at every stage of the development life cycle. A security review of product architecture and source code is carried out periodically. Additionally, application security testing is conducted on a pre-defined basis to assess code quality, security weaknesses, and vulnerabilities.

Data Privacy

We do not collect or process any personal information without explicit permission from our customers. We ensure customers understand what data is collected as well as how and why it is used. Any privacy data is protected by additional security controls that our customers are mandated to follow.

Compliance and Certifications

We are certified and assessed against a broad set of international and industry-specific compliance standards, including ISO 27001, ISO 20000, and SSAE 18 SOC 2, for design and implementation effectiveness of the controls. The design and implementation effectiveness of these controls is verified through rigorous independent audits and assurance.

Contact Information

If you would like more information or if you have security concerns you wish to discuss, please reach out to your Paladion Engagement Manager or schedule a meeting with our solution experts here.