Openwave boasts of a state-of-the-art Offshore Delivery Center (ODC) and a centralized ISO 27001:2013 certified IT hub that is based out of Chennai.
The ODC is a 10,000-sq.ft facility with 3 floors of space for project teams. Individual spaces for conferences, meetings and training teams have been allocated along with dedicated workstations for each domain.
Openwave places great emphasis on high-quality infrastructure to ensure reliability and constant uptime. We promise our clients the following:
- Minimal Downtime
- Private Network
- Managed Firewall
- Window Server 2003/Linux Server
- Web Servers
- Load Balanced
With a skilled team of hardware engineers, we work constantly to ensure that our mean time between failure (MTBF) rates is high and loss due to downtimes is low. All our systems pack up to three levels of redundancy thereby ensuring uptime even when multiple components fail.
At Openwave, we are highly sensitive to information security and have an extensively documented security policy that is formulated on the ISO / BS7799 standards. We follow a client-centric information security policy, one that ensures confidentiality, integrity, and protection of all assets. We make all our information assets to clients and internal teams on a case-by-case basis thereby ensuring utmost privacy.
- Network Security
- Physical Security
- Desktop & Server Security
- We take constant efforts to keep our network away from the reach of malicious elements and ensure protection from all types of hacking.
- We have deployed SonicWall NSA 2400 Firewall on all Openwave Internet gateways. This helps us regulate access to the offshore network.
- Creating an air-gapped network to ensure utmost security.
- Protection of the client network with a secure firewall.
- An Intrusion Detection System on both the gateways and on the internal network to identify unauthorized entrants and deter them from gaining further access.
- Tracking the firewall and IDS logs and an analysis of the same to detect suspicious activity.
- Symantec Enterprise security manager.
- Symantec Firewall at the desktop level.
- The network is segregated into three separate zones with varying level of clearances: Trusted zone, DMZ and Distrusted zones.
- All changes to the system are thoroughly analyzed and vetted before being implemented. This helps reduce misadventures and prevents from any bugs or malware entering into the system.
- From internet downloads to software installations, all activities are under surveillance and require Admin approval.
- The internet infrastructure and its associated security infrastructure which comprises of firewalls, routers and web-facing servers are hardened for security and constantly maintained in accordance with standard guidelines.
- Memory-intensive plugins and add-ons that are not considered necessary are disabled.
Openwave has deployed Symantec Antivirus End-Point projection 11.0 software all over its servers and workstations. The software controls all scanning operations and leaves no stone unturned when it comes to detecting malware and viruses.
All hardware is subjected to daily checkup and the drives are scanned to ensure that there are no weak spots. The Auto protection software ensures that all local and network drives, as well as incoming emails and attachments are monitored constantly. Upon detection of a threat, the same is sanitized/ separated.
Access to folders is thoroughly regulated with a Domain Based Access Control List in place, which grants read-only or modify access on a case-wise basis.
Both the Desktops and the Servers are constantly updated with patches. Service packs and hot-fixes are sourced from Microsoft and used to eliminate vulnerabilities and achieve optimum performance.
- Network Attached Storage (NAS): Openwave boasts of a vast online backup system to achieve a high degree of redundancy when the servers or the HDDs are down. This Network Attached Storage system helps restore the data and server back to full-functioning in less than two hours. This helps reduce downtime.
- LTO4 Backup: We also use an LTO4 Tape Drive with Cartridges for our backups using which our teams maintain a daily, weekly, and monthly repository of backups. We also backup all the data at our remote locations
Our Physical Security Comprises Of The Following Elements:
- We adopt a three-pronged security approach with Physical Security being the first level of deterrence. A dedicated admin head handles and monitors all the security arrangements at our ODC.
- The ODC has a separate work module for all its development activities which is overseen by the security.
- Our ODC premises are guarded 24*7 by trained security guards who are recruited from reputed security agencies.
- All security guards are thoroughly scrutinized with rigorous background checks.
- Employees and associates are provided with a valid photo identity card that is to be mandatorily displayed when entering the premises.
- The ODC has completely segregated into different divisions the access to which are regulated and monitored. Access Logs for the different departments are constantly kept track of.
- The access to project work modules and ODC is regulated and is restricted only to concerning associates who are attached to the particular project or ODC.
- A well-defined mechanism has been set in place that grants, reviews and revokes access to projects on the basis of the status and rank of the associate.
- Strict visitor management policies ensure that visitors are kept away from gaining unauthorized entry or access to sensitive workstations. Logs are maintained for all visitors to detect any suspicious behavior.
- All transfer of media and property on the campus is regulated thoroughly with checks in place to restrict access wherever necessary. Similarly, recording equipment such as cameras and flash drives are prohibited on the work premises.
- An Equipment Reuse and Disposal Policy that keeps track of all information in the equipment helps identify any sensitive information onboard before discarding.
- All maintenance and repairs are monitored by the asset custodian to prevent any malicious activity.
- All third-party vendors are expected to sign a Non-Disclosure Agreements to maintain confidentiality.
- We adopt a 'Clear Screen and Clear Desk Policy' that minimizes the risk of unauthorized access to desktop files and documents and ensure that no damage or loss of information takes place in the process.
- The ODC boasts of an adequate power backup system that helps the team see through all contingencies.
- The premises and hardware equipment are well-guarded against environmental hazards and natural calamities.
- All our premises have robust fire safety norms in place and boast of an integrated fire prevention and detection program that ensure protection and prevention of fire hazards.
- To add a layer of security and prevent data leaks, cameras and other video recording equipment are not permitted inside the workspace.