Yes, we have proper forensic procedures in place that includes chain-of-custody management processes and controls.
As part of Web Application Firewall (WAF), rate limiters are installed to block multiple requests from specific IPs in order to prevent DDOS-type attacks. These are powered by intelligent daemons that detect other identifiers like URLs accessed or other client properties to automatically blacklist possible threats either temporarily or permanently.
Yes, in our cloud audit program, we analyze and address all the requirements put forth by the tenant to ensure maximum satisfaction.
Yes, we have proper forensic procedures for data collection and analysis for incident responses.
Yes, we can freeze data from a specific time without freezing other data if need be.
Yes. Tenant data is enforced and attested in case it comes to light in legal subpoenas.
The Xoxoday Platform is developed on microservices architecture because the independent applications and deployed on the AWS virtual platform cloud.
No, our product is supported by a comprehensive web application that can be accessed via desktop and mobile browsers on all compatible devices.
Our platform can be white-listed to match the look and feel of the tenant's platform. The emails are also customizable for a personal touch.
Reports with respect to rewarding and beyond can be accessed through the platform.
The customization is done on the platform level, manually by the super admin.
Yes, Xoxoday Plum comes with a full set of integration with various platforms for enriched utility and maximum output from the platform.
Yes, Xoxoday Plum comes with a full set of integration with various platforms for enriched utility and maximum output from the platform.
Yes, Xoxoday Plum comes with a full set of integration with various platforms for enriched utility and maximum output from the platform.
Yes, Xoxoday Plum comes with a full set of integration with various platforms for enriched utility and maximum output from the platform.
Yes, Xoxoday Plum comes with a full set of integration with various platforms for enriched utility and maximum output from the platform.
No, we keep it with one data center for maximum safety, privacy, and security of database of our tenants.
Reports and analysis can be extracted from the platform. These reports give detailed insights with respect to what's being the reward and recognition input and output throughout the concerned period.
In case reports are needed apart from the predefined ones, they can be shared with the tenants in a spreadsheet.
No, we keep it with one data center for maximum safety, privacy, and security of database of our tenants.
Reports and analysis can be extracted from the platform. These reports give detailed insights with respect to what's being the reward and recognition input and output throughout the concerned period.
Yes, Xoxoday Plum comes with a full set of integration with various platforms for enriched utility and maximum output from the platform.
No, we keep it with one data center for maximum safety, privacy, and security of database of our tenants.
Xoxoday's customer support team is available at all times to address any queries and support with respect to advisory and technical operations.
Each tenant data is uniquely encrypted using client specific key. We use AES 256 bit encryption for data at rest to ensure maximum security measures.
Yes, hardware security modules are used to protect these keys, and the key access lies with the Chief Technical Office.
We use the Key Management Service by AWS to manage all the keys. In the event that keys get compromised, they can be recovered through the Key Management Service.
Yes, in the event of service interruption, the prior notification will count for the downtime.
The time of support ranges between six to forty-eight hours. This depends on the level of service and the gravity of incidents.
No, there is no penalty clause attached in the event of a performance failure.
We are a SAAS company hence we do not have in built APIs, we maintain quarterly/yearly audit logs. No we do not integrate with the above third party tools
We maintain the logging of applications and alerts by ourselves. We cannot be integrated with the bank system, According to our company policy we do not share the logs with any third party.
Yes the application have robust authentication methods. We are integrated SAML 2.0 with SAP SuccessFactors, we also support OAuth 2.0 for seamless authentication.
Yes we do report pen test and SOC findings
Our applications are compatible with desktops, tablets and Mobiles, No additional components are required.
Since we are SAAS product, we maintain backup and restore all the customer data by ourselves. We use AES 256 encryption for data at rest. We have a multi AZ deployment with periodic backup for our DR. DR is active-active.
We use logical data isolation with the help of company specific encryption keys. Data in non production environment is not updated with the production data. We generate separate test data Data at transit - TLS1.2 encryption, Data at rest - AES256
We are a SAAS solution, and hosting is handled by us. No instances needed from the client. We use Public cloud for hosting (AWS Singapore)
6 Hours RTO and 6 Hours RPO, Yes upon request we can share latest DR strategy test results.
No there aren't any FLASH component installed in our web app.
This solution doesn't require any such API integration. The solution is seamlessly integrated with the SAP SuccessFactors solution already.
We only have 2 roles. Super admin and user. Super admin have complete control of the platform and can configure everything. SCB Admin staff will become the super admins.
Xoxoday will not be sharing logs with SCB as we have multi tenant information in the logs. If there is a significant downtime or disruption of service, we will provide an alert notification to SCB.