Security Policy
In light of all recent cybersecurity hacks and other related threats globally; security of our clients data remains a Top concern for Mettasocial solutions pvt ltd.
We aim to provide a seamless end to end performance for the client while in parallel also ensuring lightning fast application performance and top-notch end to end security(both in transit & at rest).
In light of any security concern or potential vulnerability;please do not hesitate to reach out to us [email protected]
How does Mettasocial deliver End to End security?
We are hosted entirely on AWS with all security & privacy features(for instance encryption of cloud instances by default) to ensure a secure infrastructure environment.
More information can be found here-
https://aws.amazon.com/security
Infrastructure Security
Metta Social Solutions Pvt Ltd our entire IT infrastructure is currently being hosted in a highly secured and redundant environment with access restricted to staff strictly on the basis of RBAC policies which are enforced strongly all across the enterprise & with all internal stakeholders.
We have achieved a strong degree of encryption protection for all the data stored in our cloud infrastructure ,firewall protection ,data access log monitoring as well as other security features as mandated by respective geographies and/or industries.
Application Security
At Metta Social Solutions Pvt Ltd our entire end to end communications are encrypted out of the box by default on TLSv1.3;which is the highest graded version of TLS and ensures we follow the highest level of encryption when data is being communicated.All data stored by Metta Social solutions pvt ltd (at rest) is encrypted by AES-256 encryption.
Our in-house team as well as our 3rd party security consultants monitor cybersecurity threats,performance and availability issues on a 24/7/365 basis.All our software is subjected to automated penetration testing on a ongoing basis.We follow best in class (OWASP Top 10 threats) methodology for both Web applications as well as our mobile applications.We have also contracted an experienced penetration testing vendor
Regarding privacy, you can view our full privacy policy here:
https://www.mettasocial.com/privacy-policy
Data Center Security
All our data at Metta Social Solutions Pvt Ltd is hosted by AWS ,which is certified to SOC 2 and SOC 3 levels.We are fortunate that as far as compliance is concerned;AWS does all the major heavy lifting for us and they maintain strong standards of compliance across multiple geographies and industries
https://aws.amazon.com/compliance/programs
AWS datacentres perform the most stringent background checks before allowing any outsider physical entry to their datacentres and they also maintain multiple other physical controls(ISO 27001) to prevent unauthorized access to their datacentres.
https://aws.amazon.com/compliance/data-center/data-centers
As of today,Metta social data centres locations are in (to satisfy local compliance norms for India,UK,Europe & Phillipines)-
- Mumbai,India,
- Manila,Philippines,
- London,UK
- Paris,France
List of all compliances compatible with AWS -Metta Cloud infrastructure
NIST Cybersecurity Framework
AWS -Metta Social alignment to NIST CSF
ISO Standards
AWS -Metta Social alignment to ISO 27001
AWS -Metta Social alignment to ISO 27017
AWS -Metta Social alignment to ISO 27018
SOC Standards
AWS-Metta Social alignment to SOC
Contact [email protected] information on our our SOC 2 compliance reports.
AWS – Metta Social alignment to SOC 3