Robust built-in security. Data in Transit is encrypted. VAPT & PCI complaint. OAuth/Single sign-on
Web Application Security Compliance: Our application code is developed adhering to standards in Web Security and Application Security. It is periodically VAPT audited.
OAuth Identity Manager: Application security is further enhanced by the use of Web Tokens. From initial login, every component of the application will require a web token which is validated against an Identity Manager (OAuth). Web Tokens expire as configured (usually minutes) or on logout. An intruder will not be able to run any service and gain access to servers in the absence of a valid web token. This is an industrial strength authentication model, widely used in web applications today.
Intra-Page Encryption:Data exchange between web application pages are encrypted (SHA- 256).
PII Compliance:All data elements subject to PII compliance are encrypted not only during transmission, but also when stored (data at rest). Encrypted data elements are stored in DB level Encrypted tables which can be accessed only by the application using private keys. It cannot be accessed by direct SQL queries.
Role-based Application Security: SimpleINSPIRE comes with an elaborate role-based application access security model, which can be configured and maintained by the customer. Roles are based on easily identifiable business functions rather than technical application objects.
Our truly Integrated, Multi-Line Insurance Platform Comes With