At Paladion, we are committed to earning the trust of our customers by safegaurading data and confirming to industry standards for security and privacy. Mention all our certifications here
Our security model covers physical, network, operational, organizational, and application security requirements.
Our assets are hosted in data centers as well as cloud infrastructure. When hosted in datacenters, we ensure that
Our data centers comply with industry standards (ISO 27001 and SSAE 18 SOC 2) for physical security and availability. The centers are managed and monitored by our authorized in-house personnel.
For Cloud hosting, we use Azure’s public cloud service platform taking advantage of Azure’s wide array of security tools and capabilities.
Our business continuity program ensures consistent service uptime across all hosted environments. Disaster recovery infrastructure is located both on the premises and Azure cloud . .
We ensure that only persons with a need to know have access to customers’ data. Access is periodically reviewed to ensure security of the production assets.
FAULT Domains are enabled on all VMs with geo-redundant storage for backing up data from the 24/7 production servers. In the event of downtime, data is restored to the last recovery point.
Our network infrastructure securely controls the inbound and outbound network traffic using network security procedures such as:
We have ongoing processes in place to manage installation and distribution of security updates for OS, web applications, databases and libraries. We utilize a blend of manual testing and third party tools to determine the network security posture and apply patches for all critical identified vulnerabilities.
All critical network devices are centrally monitored through our advanced MDR platform to provide continuous visibility and timely alerts on unauthorized access and login failures. Our MDR platform powers on AI driven techniques to proactively identify, investigate and anlayze threats.
AV and anti-malware programs are run on all systems and systems are re-imaged if malware are not cleaned.
We conduct regular vulnerability assessments and penetration testing. Such assessments are done on all internal and public facing IPs utilizing both manual and tool-based testing.
We use TLS with AES standards of a 256 bit key management algorithm to protect data in transit on a secure site-to-site VPN medium. For cloud based data, we leverage Azure security controls and standard protocols to encrypt traffic between the VMs.
We address information security management with a triad approach. A focus on processes, people, and technology delivers optimized solutions to customers. Our comprehensive ISMS Framework encompasses policies and procedures to systematically manage sensitive, restricted and confidential internal and customer data.
Secure coding practices and product security are part of the product development life cycle processes. Industry accepted security practices are applied at every stage of the development life cycle. A security review of product architecture and source code is carried out periodically. Additionally, application security testing is conducted on a pre-defined basis to assess code quality, security weaknesses, and vulnerabilities.
We do not collect or process any personal information without explicit permission from our customers. We ensure customers understand what data is collected as well as how and why it is used. Any privacy data is protected by additional security controls that our customers are mandated to follow.
We are certified and assessed against a broad set of international and industry specific compliance standards including ISO 27001, ISO 20000, and SSAE 18 SOC 2 for design and implementation effectiveness of the controls. The design and implementation effectiveness of these controls is verified through rigorous independent audits and assurance.
If you would like more information or if you have security concerns you wish to discuss, please reach out to your Paladion Enagagment Manager or schedule a meeting with our solution experts here.