SECURITY

The future of business is all about digital. Here our digital cards help professional.

Singapore Digital NameCard Pte Ltd

ssl certificate

Encrypting as much web traffic as possible to prevent data theft and other tampering is a critical step toward building a safer, better Internet. We’re proud to be the first Internet performance and security company. SSL (Secure Socket Layer) is the standard security technology for establishing an encrypted link between a web server and a browser. This secure link ensures that all data transferred remains private. It’s also called TLS (Transport Layer Security). Millions of websites use SSL encryption everyday to secure connections and keep their customer’s data safe from monitoring and tampering

Cloudflare Security

Our Database is fully secured by Cloudflare, Cloudflare is a global network designed to make everything you connect to the Internet secure, private, fast, and reliable. Secure your websites, APIs, and Internet applications. Protect corporate networks, employees, and devices. Write and deploy code that runs on the network edge. It protects your internal resources such as behind-the-firewall applications, teams, and devices. And it is your platform for developing globally-scalable applications.

Web Application Firewall

Cloudflare Web Application Firewall's intuitive dashboard enables users to build powerful rules through easy clicks and also provides Terraform integration. Every request to the WAF is inspected against the rule engine and the threat intelligence curated from protecting approximately 25 million websites. Suspicious requests can be blocked, challenged or logged as per the needs of the user while legitimate requests are routed to the destination, agnostic of whether it lives on-premise or in the cloud. Analytics and Cloudflare Logs enable visibility into actionable metrics for the user.

Install Card On Mobile

We give a new concept for PWA feature, your clients or friends can install your Digital card on there mobile dashboard like mobile icon app. Once you install the digital card on mobile they easily access there mobile.

Data Security and Confidential

Standard security measures, such as firewalls, intrusion detection systems (IDSs) and antivirus software, are commonly available products that guard computers against outsider and insider attacks. The use of a firewall, for example, prevents the access of outsiders to the internal network and an intrusion detection system detects intrusion attempts by outsiders. Inside attacks can be averted through antivirus scans that detect Trojan horses that send confidential information, and by the use of thin clients that operate in a client-server architecture with no personal or sensitive data stored on a client device.

1.Do you use any encryption, hashing, to kenization and key management practices to protect the data?
Database PII columns and the platform discs are encrypted. Backup data is also encrypted.
2.Do you guarantee to keep confidentiality and integrity of the data you retain?
Data is encrypted and secured over the cloud with the retention period of as per requirement by the partner.

3.Encryption
   a. Does the solution provides the ability to encrypt data and records.
We use MySQL encryption technology to encrypt the data with sha256 algorithm.
   b. Ability to encrypt data at the database level, the file storage level, and content that has been backed up/at rest.
Database PII columns and the platform discs are encrypted . Backup data is also encrypted.

Vulnerability Assessment (VA & PT)

Vulnerability Assessment tools uncover all possible network weaknesses, leaving customers guessing as to which vulnerabilities pose real, imminent threats. Penetration Testing safely exploits vulnerabilities to eliminate "false positives" and reveal tangible threats. Penetration test results enable IT staff to delineate critical security issues that require immediate attention from those that pose lesser risks.
Vulnerability Analysis is the act of determining which security holes and vulnerabilities may be applicable to the target network or host. The vulnerability analysis phase is started. after some interesting hosts are identified via scanning tools and is preceded by the enumeration phase.

Identification & Filtration of False Positives.
Identification & Filtration of False Negatives.
Banners exposing internal information.
Exposed Web Applications variables, etc.,
Default configuration mistakes.

SGNameCard Infrastructure Security

In SGNameCard Infrastructure, the above technological components contribute to and drive business functions. Leaders and managers within the IT field are responsible for ensuring that both the physical hardware and software networks and resources are working optimally. SGNameCard infrastructure can be looked at as the foundation of an organization's technology systems, there by playing an integral part in driving its success

Q: Due to unforeseen circumstances, how fast it will be rectified and back to normal ?
Would able rectify issues as soon as possible
Q: How is data being protected from Hacking ?
SGNameCard servers are updated with necessary updates & Patching when newer versions are released.
With regards to website hacking, often hackers do not target servers, they search for and target websites
that are vulnerable mostly due to outdated software installations, so we do regular software updates.
Q: Where is the solution and platform hosted ?
Solution hosted on Cloud . Singapore DATA Center.
Q: Describe the data protection methodology
Data is protected by cloud platform encryption methodology
Q: Describe the regular test backup and recovery processes.
We are taking daily backup of databases and following monthly restoration testing of the backup taken.
Q: Explain the controls for intrusion detection, perimeter security, physical security and security patching
We have a web application firewall on the cloud to protect web applications for the intrusion attacks.
Q: Describe the regular test backup and recovery processes.
We are taking daily backup of databases and following monthly restoration testing of the backup taken.

saas model

High availability is provided out of the box in SaaS model and for On SGNamecard deployments software has capability to be deployed in high availability mode. The SGNameCard team SaaS architecture uses a multi-tenant data model to host all its data. Data for each tenant is held separately. All user data is protected from unauthorized access. This security policy was last updated on 22nd December 2021

Integrity

Data Security - Data is protected both at rest and in motion Auditability - Appropriate audit of all key activities are maintained

Technical & Software Support Availability

With the increasing use of technology in modern times, there is a growing requirement to provide technical support. SGNameCard was amongst the first Digital Business card companies to have technical support and customer service departments. These are often referred to as MSPs (Managed Service Providers)

Q: What hours is your Technical Support department available?
9am to 9pm Singapore time (GMT +8)
Q: Describe how support issues are logged.
Customers will email us to our support group they will rectify within 24hrs time.
Q: Detail your problem escalation procedure.
itsecurity@sgnamecard.com.sg will address the issues if not solve escalate to itsupporturgent@sgnamecard.com.sg