Security - CircleUp Restaurant POS System

Security Practices of icanstudioz app solutions LLP

How we protect your data and ensure system security

Last Updated: August 1, 2024

Introduction

icanstudioz app solutions LLP is a digital-first company providing secure, cloud-based and mobile-first software solutions to businesses in retail, restaurant, and distribution sectors. Security is a core element of everything we offer—from infrastructure and application design to operational protocols. This document outlines our approach to ensuring the security and privacy of our clients' data, highlighting our best practices in organizational, data, infrastructure, and operational security.

Overview of Security Domains

  • Organizational Security
  • Physical Security
  • Infrastructure Security
  • Data Security
  • Identity and Access Control
  • Operational Security
  • Incident Management
  • Responsible Disclosure
  • Customer-Controlled Security Practices

Organizational Security

Information Security Management System (ISMS)

Our ISMS aligns with global standards to address security risks and safeguards across all stakeholders. We enforce strict internal policies to ensure confidentiality, integrity, availability, and resilience of customer data.

Employee Background Checks

All employees undergo background verification through certified third-party agencies. Checks include criminal records, employment history, and educational qualifications. Employees with pending verification are restricted from handling sensitive user data.

Security Awareness & Training

Each employee signs a confidentiality agreement and undergoes mandatory security training covering privacy, compliance, and secure handling of data. Regular refresher training, internal campaigns, and knowledge-sharing forums ensure continuous education and awareness.

Dedicated Security & Privacy Teams

Our in-house security and privacy teams are responsible for enforcing our security programs, conducting audits, monitoring environments, and advising development teams on secure engineering practices.

Internal Audit & Compliance

A dedicated compliance team reviews security controls and ensures alignment with best practices and evolving standards. Regular audits and reviews help us identify and address compliance gaps.

Endpoint Security

Employee devices are managed through our Endpoint Management solution. Devices are encrypted, locked during inactivity, and run updated operating systems and antivirus software. Business-use mobile devices are also enrolled in MDM systems to ensure security compliance.

Physical Security

Workplace Access Control

We employ electronic access control systems across all office locations. Role-based access is enforced through smart ID cards, ensuring only authorized personnel can access designated zones.

Monitoring

CCTV surveillance systems monitor entry and exit points 24/7, with footage retained per regulatory requirements.

Infrastructure Security

Network Security

We implement a multi-layered defense strategy using firewalls, segregated environments for testing and production, and strict access controls. Our Network Operations Center monitors all systems and generates alerts for any unusual activity.

Intrusion Detection & Prevention

Both host-based and network-based intrusion detection systems (IDS) are deployed. We maintain detailed logs of privileged access, system-level commands, and critical application events. A custom Web Application Firewall (WAF) further mitigates application-layer threats.

Data Security

Secure Development Practices

All code goes through secure SDLC processes, including static analysis, vulnerability scanning, and manual review. We follow OWASP guidelines to prevent SQL injection, XSS, and other web-based attacks.

Encryption

In Transit: All data transmitted over the internet uses TLS 1.2/1.3 with secure ciphers. HSTS headers and secure cookies are enforced.

At Rest: Sensitive customer data is encrypted, based on the services used.
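The in-transit controls named above (HSTS and secure cookies) are the kind of thing a customer can verify from the outside. The script below is an added example, not icanstudioz code or a description of their deployment: it parses a set of HTTP response headers and reports any gap in the Strict-Transport-Security directives or the Secure/HttpOnly/SameSite cookie attributes. The two header lists are constructed samples, and the one-year minimum HSTS max-age is an assumed threshold, not a value taken from this page.

```python
"""Audit HTTP response headers for HSTS and cookie hardening.

Runs offline over constructed header lists; it does not contact any server.
"""
import re
from typing import Dict, List, Tuple

Header = Tuple[str, str]

# Assumed minimum HSTS max-age (one year in seconds); not a value from the policy page.
HSTS_MIN_MAX_AGE = 31536000


def parse_hsts(value: str) -> Dict[str, object]:
    """Parse a Strict-Transport-Security value into its directives."""
    result: Dict[str, object] = {"max_age": None, "include_subdomains": False, "preload": False}
    for directive in value.split(";"):
        name, _, arg = directive.strip().partition("=")
        name = name.lower()
        if name == "max-age":
            # max-age may be quoted per RFC 6797; accept digits with or without quotes.
            m = re.fullmatch(r'"?(\d+)"?', arg.strip())
            if m:
                result["max_age"] = int(m.group(1))
        elif name == "includesubdomains":
            result["include_subdomains"] = True
        elif name == "preload":
            result["preload"] = True
    return result


def cookie_flags(value: str) -> Dict[str, object]:
    """Return the cookie name and its Secure/HttpOnly/SameSite attributes."""
    parts = [p.strip() for p in value.split(";")]
    name = parts[0].partition("=")[0].strip()
    # Attribute names are case-insensitive; keep the value for SameSite.
    attrs = {p.partition("=")[0].strip().lower(): p.partition("=")[2].strip() for p in parts[1:]}
    return {
        "name": name,
        "secure": "secure" in attrs,
        "httponly": "httponly" in attrs,
        "samesite": attrs.get("samesite", "").lower() or None,
    }


def audit_headers(headers: List[Header]) -> List[str]:
    """Return a list of findings; an empty list means every check passed."""
    findings: List[str] = []
    hsts_values = [v for k, v in headers if k.lower() == "strict-transport-security"]
    if not hsts_values:
        findings.append("missing Strict-Transport-Security header")
    else:
        hsts = parse_hsts(hsts_values[0])
        if hsts["max_age"] is None:
            findings.append("HSTS max-age missing")
        elif hsts["max_age"] < HSTS_MIN_MAX_AGE:
            findings.append(f"HSTS max-age {hsts['max_age']} below {HSTS_MIN_MAX_AGE}")
        if not hsts["include_subdomains"]:
            findings.append("HSTS lacks includeSubDomains")
    for k, v in headers:
        if k.lower() != "set-cookie":
            continue
        c = cookie_flags(v)
        if not c["secure"]:
            findings.append(f"cookie {c['name']} lacks Secure")
        if not c["httponly"]:
            findings.append(f"cookie {c['name']} lacks HttpOnly")
        if c["samesite"] is None:
            findings.append(f"cookie {c['name']} lacks SameSite")
    return findings


# Constructed sample responses (not captured from any real server).
HARDENED_RESPONSE: List[Header] = [
    ("Content-Type", "text/html"),
    ("Strict-Transport-Security", "max-age=31536000; includeSubDomains; preload"),
    ("Set-Cookie", "session=abc123; Path=/; Secure; HttpOnly; SameSite=Lax"),
]

WEAK_RESPONSE: List[Header] = [
    ("Content-Type", "text/html"),
    ("Strict-Transport-Security", "max-age=3600"),
    ("Set-Cookie", "session=abc123; Path=/"),
]

if __name__ == "__main__":
    for label, resp in (("hardened", HARDENED_RESPONSE), ("weak", WEAK_RESPONSE)):
        print(label, audit_headers(resp) or "OK")
```

The weak sample produces five findings (short max-age, no includeSubDomains, and a cookie missing all three attributes); the hardened sample produces none. To run it against a live response, feed `audit_headers` the header pairs from your HTTP client in place of the constructed lists.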

Data Retention & Disposal

Accounts with unpaid dues may be temporarily suspended, and associated data retained for 60 days. After this period, data may be permanently deleted. Refer to our Data Retention Policy for more information.

Identity and Access Control

Two-Factor Authentication (2FA)

2FA is supported to prevent unauthorized account access, even in cases of password compromise.

Administrative Access Controls

Role-based access and the principle of least privilege guide our internal data access policies. Administrative access is tightly controlled and logged.

Operational Security

Logging & Monitoring

All systems generate detailed logs (event, audit, admin) that are securely stored and monitored. Logs are reviewed for anomalies in user activity, network traffic, and access patterns.

Vulnerability Management

We use automated vulnerability scanners and conduct regular manual penetration tests. Issues are logged, prioritized, and remediated based on risk. We also track third-party advisories and threats in real time.

Business Continuity & Disaster Recovery

Our BCP ensures continuity during natural disasters, cyber threats, or other crises. Backup procedures, geo-redundancy, and automated failover systems help us maintain uptime and data integrity.

Incident Management

Reporting & Response

A dedicated team manages all security incidents, coordinates customer communication, and initiates appropriate mitigation. Audit logs and forensic evidence are shared with affected clients when relevant.

To report a security issue, email: security@icanstudioz.com

Breach Notification

We notify authorities within 72 hours of identifying any data breach (as required by law) and inform affected customers where applicable.

Responsible Disclosure Policy

We welcome contributions from the security community and operate a Bug Bounty program to reward vulnerability reports.

Report issues here: www.icanstudioz.com/bugbounty

Customer Security Controls

Here's what you can do to keep your data safe:

  • Use strong, unique passwords and update them periodically.
  • Enable 2FA wherever supported.
  • Keep browsers, OS, and our mobile/web apps up to date.
  • Regularly review device and session logs.
  • Avoid phishing by verifying suspicious emails, links, or requests.
  • Manage user roles and permissions carefully.

Conclusion

At icanstudioz app solutions LLP, securing customer data is not just a priority—it's a continuous commitment. Our layered security framework ensures that our cloud infrastructure and services remain protected against ever-evolving threats. For any concerns or questions, feel free to contact us at security@icanstudioz.com.

© 2024 icanstudioz app solutions LLP. All Rights Reserved.
Visit: www.icanstudioz.com/security for the latest updates.

Contact Information

  • Security Email: security@icanstudioz.com
  • Bug Bounty: www.icanstudioz.com/bugbounty
  • Security Updates: www.icanstudioz.com/security