01. Wiztango secure development framework

  • Strong User Authentication

    User authentication and authorization happen through a separate process using MD5 and salting algorithms. User authentication data is completely separate from the user's transactional data.

  • Multi Tier Application Architecture

    Wiztango uses SOA (service-oriented architecture) along with MVC architecture. The user interface, the business layer and the database are completely isolated from each other. Service calls among layers are synchronous and carry an identity so that they are accepted between layers.

  • Password policies

    Automated validation of password strength and complexity happens during user registration and is also indicated visually to help users define a strong password. The forgot-password mechanism allows the user to regenerate the password, which is automatically sent to the user's registered email only.

  • Captcha

    Wiztango uses a character-based Captcha in the registration flow that is simple for the user to read but almost impossible for robots to break. We want registration to be fail-proof and still easy for the user.

  • Single Sign On

    Wiztango supports CAS-based SSO on all web-based and mobile clients. It also has a native capability, via a "Paid App", to connect with LDAP.

  • Application development best practices

    Wiztango utilises best design and development practices during the entire product cycle to protect itself from human limitations and failure to sanitize inputs and outputs.

02. Customer Data Protection

  • Secure connection

    All connections to Wiztango are secured via 256-bit SSL/TLS. Wiztango uses AES_256_CBC with SHA1 for message authentication and RSA as the key exchange mechanism.

  • Customer Data Protection

    Wiztango is designed to keep the user's transactional data separate from authentication and profile data. Inbound and outbound traffic within the Wiztango network flows through a trusted mechanism to make sure data cannot be leaked. All data is marked and treated as classified and sensitive. Production data is never moved outside of the Wiztango network. Even the fail-safe mechanism uses a backup deployment of Wiztango in the same or a separate data centre, so that data always remains inside the network.

  • Disaster recovery and business continuity

    Wiztango uses a real-time load balancer at every layer of its deployment to ensure the user gets the highest possible uptime. Data is automatically backed up to within the last 5 minutes and can be restored in real time.

03. Data Centre Security

Wiztango is deployed on Amazon AWS. Amazon has a number of certifications and third-party attestations, such as SOC 1/SSAE 16/ISAE 3402, SOC 2, FISMA, DIACAP, FedRAMP, ISO 27001, PCI DSS Level 1 and FIPS 140-2.

More details about Amazon AWS security can be read here

A detailed white paper on Amazon Web Services Risk and Compliance can be read here

Further, Wiztango uses various Amazon mechanisms to identify ourselves and securely access the internal services, such as AWS Identity and Access Management, AWS Multi-Factor Authentication, key rotation and a hardened operating system, to name a few.