Security Center
daitasoft manages security in a hybrid model, with a layered approach that reflects our Software as a Service (SaaS) framework. We have created a shared responsibility model that outlines the controls that we have inherited from our cloud service providers (CSPs) and the security responsibility daitasoft has to our customers.
Platform Availability & Security
daitasoft products leverage AWS platforms as our foundation for robust infrastructure security and operational availability. The AWS services and availability zones leveraged by our Company have been included in routine AWS SOC 2 Type 2 attestation audits and ISO 27001 certifications.
As a result, we build highly available products through scalability inherited from our CSPs and ensure the ability to quickly recover operations using AWS CloudFormation Templates. We adhere to the service level agreements established within our Terms of Service.
Our solutions in AWS are protected from distributed denial of service (DDoS) attacks by AWS Shield, a service that protects against common network and transport layer DDoS attacks.
All daitasoft infrastructure administrator access to the platform is highly limited based on defined job responsibilities and further protected using robust multi-factor authentication (MFA) and single-sign-on (SSO) technologies.
In addition, we have enabled and routinely monitor AWS Security Hub, a cloud security posture management service, to ensure that the underlying services remain securely configured in accordance with strong industry practices.
Network Security
daitasoft products leverage a combination of services, such as AWS Lambda, EC2, and RDS for PostgreSQL, to provide a highly scalable, available, secure, and performance-oriented architecture.
All daitasoft EC2 instances and employee endpoints are protected by robust next-gen endpoint detection and response (EDR) agents that provide automated protection against fileless and malware attacks using machine learning, behavioral analysis, and threat intelligence.
For AWS EC2 workloads, patching is performed on a monthly basis to reduce vulnerability exposure.
daitasoft leverages Amazon Inspector to continually scan AWS workloads for vulnerabilities and unintended network exposure. Inspector provides daitasoft with risk-prioritized findings to improve remediation response efficiency.
Infrastructure Security
daitasoft products leverage a combination of services, such as AWS Lambda, EC2, and RDS for PostgreSQL, to provide a highly scalable, available, secure, and performance-oriented architecture.
All daitasoft EC2 instances and employee endpoints are protected by robust next-gen endpoint detection and response (EDR) agents that provide automated protection against fileless and malware attacks using machine learning, behavioral analysis, and threat intelligence.
daitasoft leverages Amazon Inspector to continually scan AWS workloads for vulnerabilities and unintended network exposure. Inspector provides daitasoft with risk-prioritized findings to improve remediation response efficiency.
Application Security
We incorporate security into the design of our products from the beginning stages of our software development lifecycle. We derive our product security requirements from the OWASP Application Security Verification Standard (ASVS), perform threat modeling, develop products in line with general Agile methodologies, and integrate security tools – such as code security scans – throughout the Agile release cycle. This “shift left” approach allows us to quickly identify and remediate threats and potential vulnerabilities.
daitasoft has deployed web application firewalls (WAFs) in front of our web applications and APIs to protect them from malicious network traffic and software exploits.
Additionally, daitasoft has product web application and API penetration testing performed after significant application changes and at least annually to identify and remediate potentially exploitable vulnerabilities.
Despite our best efforts, if you believe you’ve discovered a vulnerability or bug in daitasoft’s products, please contact us in accordance with our Vulnerability Disclosure Policy.
Data Security
Data submitted to daitasoft products by authorized users is considered Confidential. This data is protected in transit across public networks and encrypted at rest. Customer data is not authorized to exit our production service environment except to fulfill a customer request.
All data transmitted between daitasoft and our users is protected using Transport Layer Security (TLS 1.3, SHA-256) and HTTP Strict Transport Security (HSTS). If encrypted communication is interrupted, the daitasoft application becomes inaccessible to protect the data.
daitasoft products leverage Amazon Relational Database Service (RDS), a managed service that automates common database administration tasks, such as patching, monitoring, and hardware provisioning. Data at rest in RDS is encrypted using AES-256.
We have also implemented controls to ensure the integrity and confidentiality of administrative credentials and access mechanisms and enforce full-disk encryption on all endpoints.
Data Backups & Redundancy
daitasoft products leverage AWS backup and snapshot functionality to provide point-in-time recovery capabilities. All AWS object-based storage (S3) leverages versioning for backup, recovery, and high durability storage.
Identity & Access Management
daitasoft products are secure by design with robust identity and access management capabilities that can also integrate with common SAML-based single-sign-on (SSO) solutions that streamline user provisioning and deprovisioning. Native authentication requires strong password construction with multi-factor authentication (MFA) by default, while SSO leverages your internal identity directory, password, and MFA policies.
Security & Performance Monitoring
We have deployed CrowdStrike Falcon Cloud Security (FCS) as a cloud security posture management (CSPM) solution to identify misconfigurations and cloud indicators of attack within the AWS hosting environment.
daitasoft leverages AWS GuardDuty Extended Threat Detection to continuously monitor our AWS accounts and workflows for malicious activity and potential threats using machine learning algorithms. GuardDuty helps our security team detect security concerns in near real time and respond to them.
Third Party Service Provider Security
daitasoft relies upon third party applications and services in support of the delivery of our products to our customers. As a result, daitasoft has established a third-party service provider risk management program designed to routinely assess the technical, physical, and administrative controls in place and ensure they are commensurate with the expectations of daitasoft and our customers.
Personnel Security
Where applicable by law, daitasoft performs background screenings on personnel prior to joining the organization. All personnel sign confidentiality agreements and undergo regular security and privacy awareness training that weaves security into technical and non-technical roles.
Physical & Environmental Security
As a SaaS provider, daitasoft production infrastructure is hosted in cloud service provider (CSP) environments. These CSPs manage physical and environmental security controls for hosted information systems, including building locks, temperature control, fire suppression, and redundant electricity supplies.