/'kwench/

About /'kwench/

/'kwench/ & myPerks help companies enhance their employee value proposition by providing an end-to-end, innovative products & solutions that manages their employee engagement initiatives.  /'kwench/ is India's largest corporate library services platform & myPerks is the next generation employee engagement, social recognition, collaboration and rewards management platform.

/'kwench/ is currently serving 300+ Indian corporates and 200,000+ of their employees through its bouquet of services. Companies that use services from /'kwench/ have better employee satisfaction levels as compared to others.  The recently published results of ‘best companies to work’ survey shows that 18 of the top 50 and 32 of the top 100 companies listed as the best places to work are /'kwench/ clients. /'kwench/ is funded by Indian Angel Network (IAN) and Small Industries Development Bank of India (SIDBI).

Security & Compliance

Information security is of paramount importance to our success and continued existence. We have a robust information security management policy framework supported by top management attention and independent board oversight.

Compliance

/'kwench/ is compliant of Indian Information Technology Amendment Act (2008) and Information Technology (Reasonable security practices and procedures and sensitive personal data or information) Rules, 2011.

/'kwench/ has robust ISM framework for data protection and security. All out applications have undergone penetration testing from a reputed agency.

image
image

Security

/'kwench/ is a highly secure platform and has undergone penetration testing from a reputed agency. Our information security management framework provides for robust controls for data encryption, data backups, server hardening, intrusion detection, patch management, protection against cross scripting and SQL injection attacks etc.

  • Accepted Use

    We will not use data for unlawful activities (such as child pornography, gambling, fraud, terrorist activities), sending unsolicited emails, for posting any material or transmitting any content that harasses, threatens the health and safety of our users or for posting any obscene, racist, indecent, malicious, harmful or violent content.

  • Passwords

    We store passwords in encrypted form.

  • Access Control

    Only authorized persons access data and all access is based on the principle of least privilege i.e. access is based on the user role and no access is given beyond what the role demands.

  • Information Security Organization

    We have an information security and risk management committee headed by our CEO and with an independent board oversight.

  • Data Backup

    Data is backed up on a daily basis. All backups are protected by either 256 bit AES encryption (Symmetric) or 2048 bit RSA (Asymmetric) encryption.

  • Confidentiality and Non-disclosure

    We sign confidentiality and non-disclosure agreements with all our customers. Also, all our employees sign confidentiality and non-disclosure agreements.

  • Employee Background Verification and Screening

    We do not perform background verification as a policy. We often verify references, KYC proofs and make sure that potential team members fit our company values.

  • Data Encryption

    We deploy robust encryption techniques in order to secure legally/contractually restricted data (i.e. sensitive data). The encryption plan covers emails, desktop/laptop file systems, external storage media, data backups, transport level encryption.

  • Patch management

    Our information technology assets (software, servers, desktops, and laptop computers owned and operated by /'kwench/) are properly patched with the latest appropriate updates in order to reduce system vulnerability and to enhance and repair application functionality.

  • Server Hardening

    We harden our operating system, application, database, web servers to thwart any unauthorized attacks.

  • Cross Scripting and SQL Injections

    Our technology stack, platform and code base are designed and deployed to prevent cross-scripting and SQL injection attacks.

  • Data Testing

    We do not use user data in our testing or development environment.

  • Uptime

    We guarantee a 99.9% uptime of our systems except in the event of a natural disaster beyond our control.

  • Network and Application level Redundancy

    Network level redundancy is managed by our hosting provider, Softlayer Technologies, an SSAE16 certified provider. Application level redundancy is managed in-house.

  • IP Restrictions

    We allow authorized IPs to connect to our systems to enhance security.

  • Ethics and Code of Conduct

    /'kwench/ is a professionally run organization and follows ethical business practices.

  • Penetration Testing

    All our key applications have undergone penetration testing from a reputed agency.

  • Data Retention

    We retain data for a period specified in the contracts with our customers and comply with customer specific requirements. Our systems are capable of selective and automatic purging of sensitive data.