Sainapse is ISO 27001 certified.
Sainapse is a member of the Cloud Security Alliance. Cloud Security Alliance (CSA), a not-for-profit organization with a mission to promote the use of best practices for providing security assurance within Cloud Computing.
Sainapse has the ability to identify and blank out PII (not just structured entities like SSN / CC PAN / Telephone / ZIP codes, but also names of persons and organizations, and addresses).
Sainapse uses Cloud host Identity Provider to pull data from Clients AD system as Single Sign On process. As a hosted service, rest are provided by Cloud host as Cloud host system generates logs from cloud trail, cloud watch VPC flowlogs load balancer logs etc, which will be stored in S3 buckets with restrictive access.
Sainapse uses RBAC which is based on identity provided as AD of customer. Cloud host feature IAM lets securely create and manage secure user identities and role / policy-based access.
Sainapse periodically conducts VAPT through accredited third parties to surface any vulnerabilities. The latest VAPT report can be viewed here.
All Sainapse components are stored within customer’s ringfence. Depending on customer’s architecture, it can be on-prem, on a private cloud or public cloud.
Sainapse shall access customer information over VPN connection. Sainapse shall not store any customer data in its network.
Our resources connect to code repository, test rigs, etc. on the cloud through controlled access.
Sainapse is typically installed in a three system DQP (Development-Quality-Production) model for on-prem deployment, and as a two system (Staging and Production) model for cloud deployment. The Quality / Staging VM acts as failover. Sainapse is installed on customers' infrastructure; uptime would depend on customers' infrastructure resiliency.
Sainapse facilities are secured facilities with physical guards, badge readers, ID scanning. The server, network, and hub room have separate controlled access with CCTV monitoring.
Periodic security training is conducted for all employees, including online assessments.
All employees of Sainapse are put through extensive background checks, covering academics, previous employment and criminal history in accordance with local laws. All employees and contractors of Sainapse execute Non-disclosure agreements as part of their contracts.