Information Security

Stay safe with end-to-end data and information security

book a demo

We are ISO 27001:2013 certified

ISO 27001:2013 is one of the most widely recognized independent international security standards for data and information security. This certificate is awarded to organizations that comply with ISO's high global standards.

Qandle has earned ISO/IEC 27001:2013 certificate for all its products and services.

Qandle Security Practices

Hosting

  • Virtual Private Cloud hosting over Amazon Web services
    • We follow the stringent security guidelines of AWS. AWS is known for the security it offers. Both CIA and NASA use AWS.
  • Bank Grade Security
    • The AWS infrastructure maintains the highest standards of security and puts strong safeguards in place to help protect customer privacy and data. All data is stored in highly secure, PCI DSS compliant data centers.

Transmission

  • SHA-2 and 2048-bit SSL encryption
    • All data transmission over web is end-to-end encrypted using the highest security statndards.
  • Multi-tiered security
    • A 2nd security tier through close watch on data usage and data download patterns to detect breaches in real time.

Storage

  • Separate database for every client
    • Each client's data is stored in a separate databases.
  • Encrypted storage
    • All data is stored post encryption. We use different encryption keys used for different customers to ensure greater protection.
  • Data servers inaccessible to outside world
    • We store all client data on servers which are not connected to the internet. This ensures that only the Qandle application can fetch the data and it is not accessible to any other program/software.

Access

  • Restricted need based access
    • Only employees with the highest clearance have access to client data on a need-to-know basis. Employee access is logged and passwords are strictly regulated.
  • Customer defined permissions for their employees
    • Admin defined enabled and disabled funtionality for different users. Granular customer defined access control rights and permissions.
  • Regular Audits
    • Audits are regularly performed and the whole process is periodically reviewed.

Performance

  • Scalability
    • Qandle is built on highly secure and scalable architecture using modern and ever evolving technology stack.
  • Redundancy
    • Our systems span multiple physical locations with greater redundancy to ensure maximum availability.
  • Recoverability
    • We store backups in multiple secure locations and update them every day to mitigate data loss risk.
  • Uptime
    • We promise 99.9% uptime. Qandle is built for high traffic, low latency, and minimum downtimes.