Security + Compliance
Application security, network security, compliances and security policies.
We take data integrity and security seriously. A SaaS Management product is a vital infrastructure where data flows about consumption, payments, and tools used in your organization. We have designed our application where all of us understand that security is a first-class citizen. A flavor of this thought process is a password-less architecture for customer onboarding. We handle the data safely and securely, and no data shared without consent. In our architecture, we have made choices. An attribute not required for processing is never stored in our database.
We assure you that the data of your organization will always be secure. We use Cloud and SaaS systems that are third-party tested and have received some of the highest certifications.
We undergo regular penetration tests, compliance checks, and certifications. These certifications ensure that we keep our commitment to privacy and information security.
Quolum complies with the EU-U.S. Privacy Shield by adhering to the principles of protecting anyone's rights in the EU whose personal data is transferred to the United States and bringing legal clarity for businesses relying on transatlantic data transfers.
SSH keys are required to gain console access to our servers, and a user identifies each login. All critical operations are logged to a central log server, and our servers can be accessed only from restricted and secure IPs.
Hosts are segmented, and accesses are restricted based on functionality. That is, application requests are allowed only from AWS ELB, and database servers can be accessed only from application servers.