SkyConnect security is an integral part of Mithi’s cloud digital collaboration platform, which is secured at multiple layers and adheres to industry cybersecurity guidelines.
The foundation of the entire security system is the act of securing the platform at all layers from the Infrastructure to the Periphery into the Network. Once this foundation is in place and the platform is secured using best practices, the CSOC maintains vigil to ensure that the platform stays secure. This vigil includes periodic VAPT scans via CERT-IN empaneled vendors. In case of any breach or incident discovered, rapid action is taken to arrest the impact of the incident, neutralize the threat and report/escalate the incident in a structured manner with a time-bound long-term prevention plan.
The Multi-layered security framework and adhering Industry cybersecurity guidelines at a glance.
Mithi’s Digital Collaboration Platform is built on the AWS cloud platform and leverages the shared security model of AWS.
Security OF the cloud: AWS operates, manages, and controls the IT components from the host operating system and virtualization layer down to the physical security of the facilities in which the services operate.
In order to maintain vigilance, AWS environments are continuously audited, and the infrastructure and services are approved to operate under several compliance standards and industry certifications across geographies and verticals. Customers can use these certifications to validate the implementation and effectiveness of AWS security controls, including internationally recognized security best practices and certifications.
Security IN the cloud: Mithi operates, manages, and controls the digital collaboration platform, which comprises the cloud compute, storage, network resources and their operating systems right up to the applications and services running on this infrastructure. Mithi secures the platform at multiple layers using industry best practices to achieve cyber resilience.
To maintain vigilance, Mithi deploys a Cyber Security Operations Center to continuously monitor and audit the platform environment to ensure compliance to several standards across verticals such as RBI (Reserve Bank of India), SEBI (Securities and Exchange board of India), IRDAI (Insurance Regulatory Development Authority of India), HIPAA (Health Insurance Portability and Accountability Act) and GDPR (General Data Protection Regulation), which when taken together, create a comprehensive security guideline.
This white paper explains the multi-layer security framework in greater depth.