SECURITY

Overview

We take security seriously. This page explains how D‑SAi protects your data, systems, and usage of our website and services. Our goal is to safeguard confidentiality, maintain integrity, and ensure continuous availability of our platform and solutions.

Security principles

• Least-privilege access: Internal access is granted only when required and strictly monitored.
• Zero-trust framework: Verification and authentication required at every access point.
• Defense in depth: Multiple security layers (including network, application, and infrastructure).

Infrastructure & data protection

• Secure SDLC: We follow a secure software development lifecycle across all projects.
• Encryption:
  • • In transit: TLS/SSL encryption.
  • • At rest: Encrypted storage compliant with industry standards.
• Network security: Firewalls, intrusion detection, VPN-only access, and continuous monitoring.

Access controls

• Role-based access (RBAC) to prevent unauthorized access.
• Multi-factor authentication (MFA) for internal systems.
• Audit logs to track all access, changes, and administrative actions.

Operational security

• Human-in-the-loop review for sensitive workflows.
• Regular audits & penetration tests by internal and third-party teams.
• Continuous monitoring of anomalies, threats, and system performance.

Incident response

• 24/7 detection & alerting for unusual activity.
• Documented incident response plan with containment, investigation, and resolution steps.
• Customer notification if an incident materially affects your data.

Business continuity & backup

• Automated backups with encryption and off-site storage.
• Disaster recovery plan to ensure minimum downtime.
• Failover mechanisms to keep services running during outages.

Customer responsibilities

To maintain overall security, customers should:

• • Use strong, unique passwords.
• • Keep access credentials private.
• • Notify us immediately if suspicious activity is detected.
• • Follow contract-specific security requirements.