We deliver solutions built on up-to-date technology, based on market trends and research. Providing best-practice solutions is our responsibility.
Operating System & Database Independent
Whatever platform standard your institution has, our system can adapt to it. The operating system is in most cases Microsoft Windows or Linux, with a database such as Microsoft SQL Server or MySQL and a web server and framework such as Zend Server. Servers can be deployed physically, on virtual machines or in the cloud.
The environment may have various industry-standard interfaces, and our system has the flexibility to connect to them reliably. Some of these industry-standard interfaces are XML/SOAP, REST/JSON, TIBCO, MQ, ISO8583, SOA, Java Listener, ISORM, sFTP, FTP, MT, etc.
Integrating processes from other systems that your customer has, such as an Enterprise Resource Planning (ERP) system, other hosts, CRM, Point of Sales, an accounting system, etc., will be easy. Open API management technology makes the integration secure and fast, with message signing, end-to-end encryption and signature validation to ensure all messages are authenticated.
Sometimes systems need to be isolated and cannot be connected directly to an external host. A file interchange solution solves this problem. With self-registration of PGP keys and PGP encryption, our system can interchange (send and receive) files with an sFTP server. This method requires minimal modification to the customer's system.
A 3-layer application architecture provides an extra-secure application platform. The first layer handles web requests and sessions, which means any attempted attack such as DDoS, injection, etc. will be contained within this layer. The second layer handles business processes. The third layer is the data store.
High Availability & Scalability
When the Service Level Agreement (SLA) is at stake, running multiple nodes to distribute workload and maintain availability becomes the first concern. SGO systems fully support clustering and/or replication. Sessions can be replicated so that customers are not logged out during a node switch. Replication monitoring ensures that all nodes are up to date.
SGO systems are developed to meet the OWASP standard for securing web applications. We apply the OWASP Top Ten as best practice.
A2: Broken authentication
A3: Sensitive data exposure
A4: XML external entities (XXE)
A5: Broken access control
A6: Security misconfiguration
A7: Cross-site scripting (XSS)
A8: Insecure deserialization
A9: Using components with known vulnerabilities
A10: Insufficient logging and monitoring