Open Source

Project Confidentiality Policy

The confidentiality of your project is of utmost importance to us. At Open Source Development, we have adequate measures (in terms of physical security, data security etc) in place so as to provide a secured development environment.

Physical Security

We provide a secured environment at our offshore development center. Access is restricted to authorized personnel and other security measures in the form of round the clock security guards, fire alarms and smoke detectors, fire hydrants, sprinkler systems etc are provided within our development center.

Data/Network Security

We take adequate measures to ensure safety of data and information stored at our development center. Multiple storage media (such as tape-drives, back-up servers etc) are used to back-up data. Backups are taken at regular intervals to ensure that the latest data is always available.For it, we follow a 3 tier back-up policy – backups are taken from the development server to the main server from where data is copied to tape drives. Two copies are made for each tape drive; one is kept within our office premises and the other is deposited in a bank locker for safe keeping.

In addition to regular data back-ups we undertake the following measures to safeguard our network from being accessed by unauthorized users:

  • Firewalls are installed on our servers to ensure that access is restricted to users within the development center.
  • Users are authenticated before being given access.
  • Regular virus scans are performed to detect and eliminate virus threats.
  • Regular software updates and security patches, offered by the software vendors, are installed.
  • Detailed log files are maintained which enable effective monitoring and tracking of usage.

Confidentiality Agreements

In order to protect the interests of our clients, Open Source Development offers to sign Non Disclosure Agreements (NDA). This ensures that strict confidentially is maintained during project development phase.

Application Security

We build our solutions with extensive security measures to prevent unauthorized access and security threats. Some of the preventive measures incorporated by us include the following:

  • 28 bit SSL: We use SSL to protect sensitive transactional data being transferred over the Internet.
  • Valid IP access: The access to the administrator interface of a web application is restricted to specific IP addresses. This prevents unauthorized users from accessing the application.
  • Folder and file permissions: We ensure that all files and folders (that can be accessed by users over the Internet) do not have write permissions.
  • Encrypted Data: We make sure that all sensitive data is stored in encrypted format into the database.

 

Recommendations

We enagaed with Icreon in the summer of 2009 to build a new aspect for our Saddlery company, the brief was to come up with a suitable adaptable ecommerce solution and also a community site for members. We had unfourtnately engaged a cheap off the shelf solution prior to talking with Icreon. After quickly working out that the off the shelf solution would not work, Our in house designers and Icreon set to work to remake the project. In my opinion I have never been more impressed by a company.


John Colville
Joust John Colville