Haptik’s Security and Technology Policies
Haptik’s information security management program (ISMP) describes the principles and basic rules used for maintaining trust & security. In this program, risks are continually evaluated to improve the environment’s security, confidentiality, integrity, and availability. Furthermore, it helps Haptik maintain a strong foot.
Information Security Metrics
Our information security is pursued and improved based on specific data-driven metrics revisited every quarter of the year. These metrics are based on all 114 controls of ISO 27001:2013 and internal security standards and are scored basis effectiveness and implementation calculations.
These metrics are presented in ISSC meetings to provide the direction in terms of what kind of data is migrated and by how much. Having company-wide metrics in one place has helped us to make our posture better and risk-free on regular basis.
This policy covers directions to establish an effective change, capacity & backup management process including logging, monitoring & handling technical vulnerability. Further directions for separation of development, testing and production environment and control on operational software have been defined.
Our Security calendar and IS metrics also cover protection against malware, clock synchronization, Information Systems Audit Controls amongst many other key security initiatives.
Physical & Environmental Security
Haptik being a Technology focused company has offloaded all our solution hosting on AWS / Azure cloud. These are leaders in providing the best in class security, visibility & uptime. All servers are distributed across multiple data centers to reduce risks of degradation and we have no on-premise systems hosting our platform.
We have measures and controls in place for securing our areas from unauthorized access. Further, directions for protecting the equipment from loss, damage, theft or compromise have been defined at Haptik.