User authentication and authorization are handled by a separate process that uses salted MD5 hashing. User authentication data is stored completely separately from users' transactional data.
Wiztango uses a service-oriented architecture (SOA) together with the MVC pattern. The user interface, the business layer and the database are completely isolated from each other. Service calls between layers are synchronous and carry an identity so that they are accepted by the receiving layer.
Passwords are automatically validated for strength and complexity during registration, and the result is indicated visually to help users choose a strong password. The forgot-password mechanism lets the user regenerate the password; the new password is sent only to the user's registered email address.
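The registration flow described above (complexity check with a per-rule result for the visual indicator, then a salted MD5 record kept in the separate authentication store), written as an added Python example by the editor rather than taken from Wiztango; the rule set, the 16-byte random salt and the record layout are assumptions, and the comment on MD5 is a practitioner's caveat, not a statement from the page.

```python
import hashlib
import hmac
import os
import re

# The rule set is an assumption; the page only says strength and complexity are checked.
RULES = [
    ("at least 10 characters", lambda p: len(p) >= 10),
    ("an upper-case letter", lambda p: re.search(r"[A-Z]", p) is not None),
    ("a lower-case letter", lambda p: re.search(r"[a-z]", p) is not None),
    ("a digit", lambda p: re.search(r"[0-9]", p) is not None),
    ("a symbol", lambda p: re.search(r"[^A-Za-z0-9]", p) is not None),
]


def password_problems(password):
    """Return the unmet rules; an empty list means the password is acceptable.
    This list is what a registration form renders as the visual strength indicator."""
    return [label for label, ok in RULES if not ok(password)]


def salted_md5(password, salt):
    """Salted MD5, the scheme the page names. MD5 is a fast digest, so offline guessing
    against a leaked record is cheap; a slow KDF such as hashlib.pbkdf2_hmac is the
    usual replacement (editor's caveat, not something the page states)."""
    return hashlib.md5(salt + password.encode("utf-8")).hexdigest()


def register(password):
    """Validate, then build the authentication record: a fresh random per-user salt
    plus the salted digest. Only this record goes to the authentication store, which
    is kept apart from transactional data."""
    problems = password_problems(password)
    if problems:
        raise ValueError("password must contain " + ", ".join(problems))
    salt = os.urandom(16)  # 16-byte salt size is an assumption
    return {"salt": salt.hex(), "digest": salted_md5(password, salt)}


def verify(password, record):
    """Recompute the digest with the stored salt; the constant-time comparison avoids
    leaking how many leading characters of the digest matched."""
    salt = bytes.fromhex(record["salt"])
    return hmac.compare_digest(salted_md5(password, salt), record["digest"])
```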
Wiztango uses a character-based CAPTCHA in the registration flow that is simple for a human to read but almost impossible for bots to break. The aim is to be fail-proof while keeping registration easy for the user.
Wiztango supports CAS-based SSO on all web-based and mobile clients. It also has a native capability, via a paid app, to connect to LDAP.
Wiztango follows best design and development practices throughout the product cycle to guard against human error, including failure to sanitize inputs and outputs.
All Wiztango connections are secured with 256-bit SSL/TLS. Wiztango uses AES_256_CBC with SHA1 for message protection and RSA for key exchange.
Wiztango is designed to keep users' transactional data separate from authentication and profile data. Inbound and outbound traffic within the Wiztango network uses a trusted mechanism to ensure data cannot leak. All data is marked and treated as classified and sensitive. Production data is never moved outside the Wiztango network. Even the failover mechanism uses a backup deployment of Wiztango in the same or a separate data centre, so the data always stays inside.
Wiztango uses a real-time load balancer at every layer of its deployment to give users the highest possible uptime. Data is automatically backed up to within the last 5 minutes and can be restored in real time.
Wiztango is deployed on Amazon AWS. Amazon holds a number of certifications and third-party attestations, including SOC 1/SSAE 16/ISAE 3402, SOC 2, FISMA, DIACAP, FedRAMP, ISO 27001, PCI DSS Level 1 and FIPS 140-2.
More details about Amazon AWS security can be read here: http://aws.amazon.com/security/
A detailed white paper on Amazon Web Services risk and compliance can be read here: http://media.amazonwebservices.com/AWS_Risk_and_Compliance_Whitepaper.pdf
Further, Wiztango uses various Amazon mechanisms to identify itself and securely access internal services, including AWS Identity and Access Management, AWS multi-factor authentication, key rotation and hardened operating systems, to name a few.