Popupsify offers comprehensive SaaS products to millions to help the business grow their business exponentially. Security plays a major role we design-build in products and we take care of the information that our customers and visitors drop in via email. We're transparent with our security to make you feel informed and safe using our products. Here we will be covering topics like data security, operational security, and physical security to clearly explain how we offer security. The security procedure mentioned on this page is applicable to all the existing and future products of Popupsify. Along with building products that offer 360 support, we back ourselves with robust data security and privacy practices.
Popupsify secures its customer's data with a multi-fold model of security architecture, end-to-end security, and highly resilient architecture.
Security Operations and Best Practices
Our dedicated security team adheres to industry best practices and is aligned with the control framework. Any sort of security threat is prevented using our detection program, secure software development program, and industry-accepted operational practices.
Network Security
We perform certain security tests including threat-modeling, automated scanning, and third-party audits. Along with all the existing measures, we keep our customers informed of the real-time system status.
Availability of Data Centers
Any sort of physical access to our data center is prohibited by anyone outside the authorized individuals. We maintain high levels of availability with multiple geographically diverse data centers.
Infrastructure Security
Our regular infrastructure monitoring techniques are designed to offer multiple layers of protection and defense. We make sure to use, firewalls to prevent our network from unauthorized access. All the important security aspects are monitored using our proprietary tool and notifications are triggered in any instance using DDoS prevention, Server hardening, and Intrusion detection and prevention.
Data Security
Any advanced features are directly governed by a change management policy to ensure all the modifications are authorized. Our software development life cycle is for following the coding guidelines as well as a screening of code changes for potential security issues with our set of tools like code analyzer, vulnerability scanners, review processes, and much more. Our robust security framework based on OWASP standards, which is implemented in the application layer, provides functionalities to mitigate threats such as SQL injection cross-site scripting, and application layer DOS attacks.
Operational Security
Popupsify monitors and analyses all the gathered information from service, internal traffic in our network, and usage of devices. All the information stored is recorded in the form of event logs, audit logs, fault logs, administration logs, and operator logs. The above-mentioned logs are automatically monitored and analyzed to find any kind of unusual activity in employees' accounts. We store these logs in a secure server to ensure complete protection.
Reporting and Alerts
We will every time notify you of the incidents in our environment that apply to you and also notify you about the actions and active measures you can take. Any time necessary, we will identify, collect, and acquire all the crucial details with an application to fill and track logs regarding incidents. We take preventable measures to control the occurrence of such situations.
We respond to the security or privacy incidents you have reported to us by dropping an email on our official ID as our highest priority. In the case of any general incidents, we will notify our users via multiple mediums such as blogs, forums, and social media. In case of any specific incidents, we will inform the concerned person on the registered email.
Breach Notifications
If we are aware of any malpractice according to the General Data Protection Regulation (GDPR), we will notify you within 72 hours. Depending on any particular requirements, we will notify our customers as and when necessary.
Single Sign-On
Popupsify strives to make it delightful for its customers. The single sign-on lets users access multiple Popupsify services with single sign-in credentials. When you sign in to Popupsify, it happens through our integrated Identity and access management services. SSO simplifies the login process by providing easy access control and reporting.
Multi-factor Authentication
Popupsify offers an extra layer of security such as multi-factor authentication. It is an additional verification that the users must possess, apart from the password. This is to reduce the chance of unauthorized access using the Time-based OTP.
Administrative Access
We employ technical access controls and certain internal policies for accessing user data this is to reduce the risk of data exposure. Access to data is maintained by a central directory and authenticated using passwords and two-factor authentication.
Malware and Spam Protection
All the user files are automatically scanned using our automated scanning system that's designed to stop the spread of the virus. Our custom anti-malware engine looks for regular updates from external threat intelligence sources and scans files against blacklisted signatures and unusual patterns.
Organizational Security
We have an Information Security Management System (ISMS) in place to take care of our security objectives. Each employee we hire undergoes a background verification to make sure that may not pose any risk to user data. We do this to verify criminal records, and any previous employment blackmarks. Each employee undergoes training in information security, compliance, and the privacy policies that Popupsify follows. Apart from this, we also conduct events to raise awareness regarding security and privacy.