Openwave boasts of a state-of-the-art Offshore Delivery Center (ODC) that is ISO 27001:2013 and is based out of Chennai, a globally-acclaimed IT hub.
The ODC is a 10,000 sq.ft. facility with 3 floors of space for project teams. Individual spaces for conferences, meetings and training teams have been allocated along with dedicated workstations for individual projects.
Openwave places great emphasis on high-quality infrastructure to ensure development teams with reliability and constant uptime. We promise our clients with the following:
- Minimal Downtime
- Private Network
- Managed Firewall
- Window Server 2003/Linux Server
- Web Servers
- Load Balanced
With a skilled team of hardware engineers on our team, we work constantly to ensure that our mean time between failure (MTBF) rates are high and loss due to downtimes are low. All our systems pack up to three levels of redundancy thereby ensuring uptime even when multiple components fail.
At Openwave, we are highly sensitive to information security and have an extensively documented security policy that is formulated on the ISO / BS7799 standards. We follow a client-centric information security policy, one that ensures confidentiality, integrity, and protection of all assets. We make all our information assets to clients and internal teams on a case-by-case basis thereby ensuring utmost privacy.
- Physical Security
- Network Security
- Desktop & Server Security
- We have deployed Sonicwall NSA 2400 Firewall on all Openwave Internet gateways. This helps us regulate access to the offshore network.
- We take constant efforts to keep our network away from the reach of malicious elements and ensure that all types of hacking are kept out.
- Creating an air-gapped network to ensure utmost security
- Protection of the client network with a secure firewall
- Tracking the firewall and IDS logs and an analysis of the same to detect suspicious activity
- Symantec Enterprise security manager
- Symantec Firewall at the desktop level
- An Intrusion Detection System on both the gateways and on the internal network to identify unauthorized entrants and deter them from gaining further access.
- The network is segregated into three separate zones with varying level of clearances: Trusted zone , DMZ and distrusted zones
- The internet infrastructure and its associated security infrastructure which comprises of Firewalls, routers, Web-facing servers are hardened for security and constantly maintained in accordance with standard guidelines.
- All changes to the system are thoroughly analyzed and vetted before being implemented. This helps reduce misadventures and prevents any bugs or malware from entering into the system. From internet downloads to software installations, all activities are under surveillance and can be proceeded only with Admin approval.
- Memory-intensive plugins and add-ons are disabled.
Openwave has deployed Symantec Antivirus End-Point projection 11.0 software all over its servers and workstations. The software controls all scanning operations and leaves no stone unturned when it comes to detecting malware and viruses.
All hardware is subjected to daily checkup and the drives are scanned everyday to ensure that there are no weak spots. The Auto protection software ensures that all local and network drives are monitored constantly with incoming emails and attachments being sanitized before opening.
Access to folders is thoroughly regulated with a Domain Based Access Control List in place which grants read-only or edit access on a case-wise basis.
Both the Desktops and the Servers are constantly updated with patches. Service packs and hotfixes, which are used for desktops and servers respectively, are sourced from Microsoft. This ensures optimum performance of the hardware.
- Network Attached Storage (NAS): Openwave boasts of a vast online backup system that serves as a redundancy when the servers or the HDDs are down. This Network Attached Storage system helps restore DATA and Server back to full-functioning in less than two hours. This helps reduce downtime.
- LTO4 Backup: Apart from online backups, we also maintain a dedicated hardware offline backup. We use an LTO4 Tape Drive with Cartridges for all External Backups. Our teams maintain a daily, weekly, and monthly repository of backups. We also take a backup of all data at our remote locations.
Our physical security comprises of the following elements:
- All security guards are thoroughly scrutinized with rigorous background checks.
- Employees and associates are provided with a valid photo identity card that is mandatorily displayed all over the premises.
- We adopt a three-pronged security approach with Physical Security being the first level of deterrence. A dedicated admin head handles and monitors all the security arrangements at our ODC.
- The ODC has a separate work module of all its development activities which is overseen by the security.
- All the premises at our ODC are guarded 24*7 by trained security guards who are brought in from reputed security agencies.
- The ODC is completely segregated into different divisions the access to which are regulated and monitored. Access Logs for the different departments are constantly kept track of.
- The access to project work modules and ODC is regulated and is restricted only to concerning associates who are attached to the particular project or ODC.
- An Equipment Reuse and Disposal Policy that keeps track of all information in the equipment helps identify any sensitive information onboard before discarding it.
- All maintenance and repairs are monitored by the asset custodian to prevent any malicious activity.
- All third party vendors are expected to sign a Non-Disclosure Agreement to maintain confidentiality.
- A well-defined mechanism has been set in place that grants, reviews and revokes access to projects and ODCs on the basis of the status and rank of the associate
- Strict visitor management policies ensure that visitors are kept away from gaining unauthorized entry or access to sensitive workstations. Logs are maintained for all visitors to detect any suspicious behavior.
- All transfer of media and property on the campus is regulated thoroughly with checks in place to restrict wherever necessary. Similarly, recording equipment such as cameras and flash drives are prohibited on the work premises
- We adopt a 'Clear Screen and Clear desk Policy' that minimizes the risk of unauthorized access to desktop files and documents and ensure that no damage or loss of information takes place in the process.
- The ODC boasts of an adequate power backup system that helps the team see through all contingencies.
- The premises and hardware equipment are well guarded against environmental hazards and natural calamities.
- All our premises have robust fire safety norms in place and boast of an integrated fire prevention and detection program that ensure protection and prevention of fire hazards.