Open Source

Project Confidentiality Policy

The confidentiality of your project is of utmost importance to us. At Open Source Development, we have adequate measures (in terms of physical security, data security etc) in place so as to provide a secured development environment.

Physical Security

We provide a secured environment at our offshore development center. Access is restricted to authorized personnel and other security measures in the form of round the clock security guards, fire alarms and smoke detectors, fire hydrants, sprinkler systems etc are provided within our development center.

Data/Network Security

We take adequate measures to ensure safety of data and information stored at our development center. Multiple storage media (such as tape-drives, back-up servers etc) are used to back-up data. Backups are taken at regular intervals to ensure that the latest data is always available.For it, we follow a 3 tier back-up policy – backups are taken from the development server to the main server from where data is copied to tape drives. Two copies are made for each tape drive; one is kept within our office premises and the other is deposited in a bank locker for safe keeping.

In addition to regular data back-ups we undertake the following measures to safeguard our network from being accessed by unauthorized users:

  • Firewalls are installed on our servers to ensure that access is restricted to users within the development center.
  • Users are authenticated before being given access.
  • Regular virus scans are performed to detect and eliminate virus threats.
  • Regular software updates and security patches, offered by the software vendors, are installed.
  • Detailed log files are maintained which enable effective monitoring and tracking of usage.

Confidentiality Agreements

In order to protect the interests of our clients, Open Source Development offers to sign Non Disclosure Agreements (NDA). This ensures that strict confidentially is maintained during project development phase.

Application Security

We build our solutions with extensive security measures to prevent unauthorized access and security threats. Some of the preventive measures incorporated by us include the following:

  • 28 bit SSL: We use SSL to protect sensitive transactional data being transferred over the Internet.
  • Valid IP access: The access to the administrator interface of a web application is restricted to specific IP addresses. This prevents unauthorized users from accessing the application.
  • Folder and file permissions: We ensure that all files and folders (that can be accessed by users over the Internet) do not have write permissions.
  • Encrypted Data: We make sure that all sensitive data is stored in encrypted format into the database.

 

Recommendations

"We are having around 6 year’s relationship with Icreon Communications. Two main site of our organization (www.cec-india.org and www.labourfile.org ) is developed by Icreon. Most important part in working with Icreon is that, they are very skilled professionals and very co-operative.

The staff whoever assigned to our work were always willing to accept the changes and suggestions from the Clients side during the work period, which help us to build good relationships with them and a professional website also."


Graceson Mathew
System Administrator Centre for Education and Communication (CEC)