Last Updated : July 20, 2022
To make the implementation easier to understand, we classify security broadly into Data Security and Application Security.
Data security concerns the user and process data that our customers entrust us with to meet their business requirements. We achieve data security by not processing unencrypted data outside the application context.
We accomplish this in the following manner.
We serve QUASR over an HTTPS connection to ensure that all the data transfers between the client browser and our servers happen over an encrypted channel. Users can verify the certificates and confirm they belong to QUASR.
We encrypt the primary database at rest. In simpler terms, gaining access to the database server machine or hard disk would yield only encrypted data. The appropriate keys are required to decrypt and retrieve the data.
The application server connects to the database over an encrypted connection. In other words, gaining access to our network is still insufficient to obtain any usable data stored in the database.
Application security concerns the risk of someone gaining unauthorized access to the application in an elevated role. Unauthorized access to the application happens due to compromised user passwords or malicious code injected into the application.
We address this in the following manner.
While all these methods sufficiently mitigate the chance of a security incident, we do understand that no system is fully secure. We will work to ensure that any untoward incident is detected early and mitigated quickly to reduce its overall impact.
In the age of social media and the variety of data privacy violations cropping up all around us, privacy is a serious issue that all cloud solutions seek to address. The point is even more critical for us since we are providing services in the healthcare domain, where breaches have severe impacts.
Our approach to this problem is as follows:
One of the significant advantages of choosing a cloud-based solution is the scalability that is implicit in the architecture. Our application can scale as you grow to accommodate more users, to accommodate and process more information, and to meet burst demands that arise from time to time. The application framework is architected for best cloud performance and to benefit from the underlying infrastructure scalability (elasticity) that our vendor extends to us. Additionally, our application infrastructure is architected for very minimal downtime. We achieve this through continuous monitoring and auto-spawning servers to meet demands or address any failures in the services. To ensure business continuity, we back up all our servers periodically.
A question that we frequently hear from our customers is whether we can integrate with their existing systems, say their HR system for user data or their current identity management systems like Active Directory. While the application or the architecture poses no limitation in enabling these integrations, we currently do not offer integrations off-the-shelf. Please do check with us, as we have mechanisms to address each of these requests on a case-by-case basis. At the moment, there may be a strong case against integrating a critical on-premise system such as an IDMS with a cloud-based solution. Technology to address these integrations is evolving every day. When we see a promising solution that offers these integrations with minimal security exposure, we would be amongst the first to leverage it for our customers.