Planet NEXTgen Technologies (P) Ltd. and its subsidiaries is hereinafter referred as
'Planet NEXTgen' is committed to respect your privacy and data while using our services.
The statement highlights our data security practices.
Data Security Statement
The Planet NEXTgen development center in Mumbai is under 24x7 security protection.
Critical locations in the shared office are accessible only to authorized
individuals. Important documents are stored in cabinets that can only be accessed
by pre-authorized individuals. Fire alarms and water sprinklers are in place to
detect and mitigate damage in the unlikely event of a fire. A policy has been
implemented to approve and regulate visitor access to the building. The office is
provided with 24x7 power supply, supported by an alternative uninterrupted power
supply system to ensure smooth functioning in the event of a power failure. Planet
NEXTgen hosts its application and data in Amazon Web Services which have been
thoroughly tested for security, availability and business continuity.
All of Planet NEXTgen’s products are hosted in Amazon Web Services. The
infrastructure for databases and application servers is managed and maintained by
Amazon Web Services. At Planet NEXTgen, we take a multifaceted approach to
application security, to ensure everything from engineering to deployment,
including architecture and quality assurance processes complies with the highest
standards of security.
The application is initially protected by firewall which is equipped to counter
regular DDoS attacks and other network related intrusions. The second layer of
protection is Planet NEXTgen’s own internal firewall which prevent external IPs,
users and spam. While the application can be accessed only by users with valid
credentials, it should be noted that security in cloud-based products is a shared
responsibility between the company and the individuals who own those accounts on
the cloud, it should be noted that all account passwords that are stored in the
application are one-way hashed and salted. Planet NEXTgen uses a micro service
model to host all its applications.
Our lead engineers are trained in industry-leading secure coding standards and
guidelines to ensure our products are developed with security considerations from
the ground-up. Security reviews are a mandatory part of application engineering
(development and construction) process at Planet NEXTgen.
Besides functional validation and verification, the quality assurance process at
Planet NEXTgen also subjects application updates through a thorough security
validation.
Deployments to production servers are performed only by trusted and authorized
engineers. Only few pre-authorized engineers have access to Planet NEXTgen’s
production environment. An information security team carries out periodic
comprehensive tests. The tests are performed with the help of static analysis tools
and aided by manual analysis.
Our database resides within an internal network in Amazon Web Services. It is set
not to be accessed from anywhere other than the application. Also it is password
protected. The database is hosted with a feature called multi zone availability -
which ensures a standby copy of the database is available in a different zone in
case of failure. Apart from these, Amazon Web Services performs daily backups. Our
application is designed to make use of scopes - a user can manipulate only his/her
own records. So even if a user tries to misuse any credentials, his own data will
be affected. Data of other users will be secure and cannot be viewed or tampered.
All Planet NEXTgen's products are hosted in Amazon Web Services, with security
managed by Amazon Web Services.
As the processors of personal information on behalf of our customers, we follow
their instructions with respect to the information they control to the extent
consistent with the functionality of our service. In doing so, we implement
industry standard security, technical, physical and administrative measures against
unauthorized processing of such information and against loss, destruction of, or
damage to, personal information.
Amazon Web Services data centers are ISO 27001, SSAE-16 and HIPAA compliant.
Amazon Web Services data centers are ISO 27001, SSAE-16 and FedRAMP and NIST 800-53
compliant.
If you have found any issues or flaws impacting the data security or privacy of
Planet NEXTgen’s users, please write to support@planetngtech.com with the relevant
information so we can get working on it right away.
Your request will be looked into immediately. We might ask for your guidance in
identifying or replicating the issue and understanding any means to resolving the
threat right away. Please be clear and specific about any information you give us.
We deeply appreciate your help in detecting and fixing flaws at Planet NEXTgen, and
will acknowledge your contribution to the world once the threat is resolved.
If you have any questions or doubts, feel free to get in touch with us at
support@planetngtech.com, we’ll get back to you right away.