Protection
Our network is protected through the use of key AWS security services, regular audits, and network intelligence technologies, which monitor and/or block known malicious traffic and network attacks.
Architecture
Our network security architecture consists of multiple security zones. More sensitive systems like database servers are protected in our most trusted zones.
Network Vulnerability Scanning
Network security scanning gives us deep insight for quick identification of out-of-compliance or potentially vulnerable systems.
Third-Party Penetration Tests
In addition to our extensive internal scanning and testing program, each year intelliHR employs third-party security experts to perform a broad penetration test across the intelliHR Production Networks.
Security Incident Event Management
Our Security Incident Event Management (SIEM) system gathers extensive logs from important network devices and host systems. The SIEM alerts on triggers that notify the Security team based on correlated events for investigation and response.
Intrusion Detection and Prevention
Service ingress and egress points are instrumented and monitored to detect anomalous behavior. These systems are configured to generate alerts when incidents and values exceed predetermined thresholds and use regularly updated signatures based on new threats. This includes 24/7 system monitoring.
Threat Intelligence Program
intelliHR participates in several threat intelligence sharing programs. We monitor threats posted to these threat intelligence networks and take action based on risk.
DDoS Mitigation
intelliHR has designed a multi-layer approach to DDoS mitigation making use of available AWS tools.
Logical Access
Access to the intelliHR Production Network is restricted on an explicit need-to-know basis, utilises least privilege, is frequently audited and monitored, and is controlled by our Operations Team. Employees accessing the intelliHR Production Network are required to use multiple factors of authentication.
Security Incident Response
In case of a system alert, events are escalated to our 24/7 teams providing Operations, Network Engineering, and Security coverage. Employees are trained on security incident response processes, including communication channels and escalation paths.