Compliance

Data Security Data Security
Security Compliance: ISO 27001

Sainapse is ISO 27001 certified.

Memberships: Cloud Security Alliance

Sainapse is a member of the Cloud Security Alliance. Cloud Security Alliance (CSA), a not-for-profit organization with a mission to promote the use of best practices for providing security assurance within Cloud Computing.

Privacy Policy

Sainapse Privacy Policy aligns with the best of enterprise sofwares and can be accessed at https://sainapse.ai/privacy-policy

Product Security

Redacting Sensitive Data / PII

Sainapse has the ability to identify and blank out PII (not just structured entities like SSN / CC PAN / Telephone / ZIP codes, but also names of persons and organizations, and addresses).

Authentication Security

Sainapse uses Cloud host Identity Provider to pull data from Clients AD system as Single Sign On process. As a hosted service, rest are provided by Cloud host as Cloud host system generates logs from cloud trail, cloud watch VPC flowlogs load balancer logs etc, which will be stored in S3 buckets with restrictive access.

Role Based Access Control

Sainapse uses RBAC which is based on identity provided as AD of customer. Cloud host feature IAM lets securely create and manage secure user identities and role / policy-based access.

Vulnerability Manangement

Sainapse periodically conducts VAPT through accredited third parties to surface any vulnerabilities. The latest VAPT report can be viewed here.

Infrastructure Security

Hosting

All Sainapse components are stored within customer’s ringfence. Depending on customer’s architecture, it can be on-prem, on a private cloud or public cloud.

Network Security

Sainapse shall access customer information over VPN connection. Sainapse shall not store any customer data in its network.
Our resources connect to code repository, test rigs, etc. on the cloud through controlled access.

Availability & Continuity

Sainapse is typically installed in a three system DQP (Development-Quality-Production) model for on-prem deployment, and as a two system (Staging and Production) model for cloud deployment. The Quality / Staging VM acts as failover. Sainapse is installed on customers' infrastructure; uptime would depend on customers' infrastructure resiliency.

Physical Security

Sainapse facilities are secured facilities with physical guards, badge readers, ID scanning. The server, network, and hub room have separate controlled access with CCTV monitoring.

Human Resources Security

Security Awareness

Periodic security training is conducted for all employees, including online assessments.

Employee Vetting

All employees of Sainapse are put through extensive background checks, covering academics, previous employment and criminal history in accordance with local laws. All employees and contractors of Sainapse execute Non-disclosure agreements as part of their contracts.