How does your event and engagement data get encrypted?
Ngage.ai encrypts your data at rest, including event and engagement information, and other
personally identifiable metadata. We use 256-bit AES encryption in storage and 256-bit
SSL/TLS encryption in transit.
Ngage.ai is hosted in a Virtual Private Cloud with AWS. AWS follows top IT security
standards, including SOC 2 Type II, SOC 3, PCI-DSS certification, and ISO 27001.
Does your organization have a transparent approach to dealing with cyber threats?
From the network security perspective, we are hosted on AWS, and we have two firewalls:
Cloudflare WAF and AWS Firewall. Cloudflare is based on IP reputation and
will challenge IPs that have shown problematic activity online. The web application firewall
stops hack attempts on the site. We will also define rule sets based on the technology stack
from the management console. We also use Dome9 for access to the infrastructure hosted
on AWS.
Does your organization have a documented security incident management process, including
identification, response, and recovery from security incidents?
Protecting your data is of supreme importance and a relentless focus here at Ngage.ai.
We use Amazon Inspector (https://aws.amazon.com/inspector/) for compliance of
applications deployed on AWS. After performing an assessment, Amazon Inspector produces a
detailed list of security findings prioritized by level of severity. These findings are
available via the Amazon Inspector console, which is shared with the security administrators
weekly. We have various tools, internal and external, that scan systems and generate reports.
Those reports are collated to identify patterns, and then weekly updates and patches are
issued for threats and vulnerabilities. Those are all part of the reports generated via
various tools for audited events, as listed in the previous responses, including Dome9,
Cloudflare, Amazon Inspector, and other monitoring services.
We lock down all your administrative services so that hackers can't brute-force (or
exploit a vulnerability in) SSH, RDP, and database services.
We open those services on demand only for a specific user, service, and time period and keep
track of those via audit log reviews. We are using Amazon GuardDuty for SIEM. More
information is available at the link below:
https://aws.amazon.com/blogs/security/tag/siem/