SGO Technology
We bring solutions for the most up-to-date technology, based on market trends and research. Providing the best practice solution is our main responsibility.
Operating System & Database Independent
Our system is able to adapt to any standard of platforms owned by your institution. Common Operating Systems in most cases are Microsoft Windows or Linux . For databases we frequently use Microsoft SQL Server or MySQL and for Webserver and Framework we use Zend Server. Servers can be physically deployed on Virtual Machine or Cloud.
Interface
The environment may have various standard industry interfaces. Our system has the flexibility to reliably establish a connection. Some of industry standard interfaces are XML/SOAP, REST/JSON, TIBCO, MQ, ISO8583, SOA, Java Listener, ISORM, sFTP, FTP, MT, etc.
Open API
Integrating processes from other systems, that your customer owns, such as Enterprise Resource Planning (ERP) system, other Hosts, CRM, Point of Sales, Accounting System, etc will allow a better management experience. Open API management technology makes the integration possible with secure and fast message signing, end-to-end encryption and signature validity to ensure all messages are authenticated.
File Interchange
Sometimes systems need to be isolated and cannot directly be connected to the external host, thus a file interchange solution will solve the problem. With self-registration PGP key, and PGP encryption, our system can interchange (send – receive) files to an sFTP server. This method requires minimum modification to the customer’s system.
3 Tier
3 layers application architecture provides an extra secure application platform. The first layer will handle web-requests and sessions, meaning any attempt of attack such as DDoS, injection, etc will be contained within this layer. The second layer will handle business processes and lastly, the third layer will be on data-store.
High Availability & Scalability
When Service Level Agreement (SLA) is at stake, multiple nodes to distribute workload and availability become the first concern to solve. SGO systems are fully supported with Cluster and/or replication. Sessions can be replicated, so that the customer will not get logged-out during a node-switch. Replication monitoring is to ensure that all nodes are up-to-date.
OWASP Standard
SGO systems are developed to meet the OWASP Standard to secure web applications. We apply OWASP Top Ten as best practice.
A1: Injection
A2: Broken authentication
A3: Sensitive data exposure
A4: XML external entities (XXE)
A5: Broken access control
A6: Security misconfiguration
A7: Cross-site scripting (XSS)
A8: Insecure deserialization
A9: Using components with known vulnerabilities
A10: Insufficient logging and monitoring