Technology architecture of

WRENCH SMARTPROJECT

Overview

WRENCH SmartProject™ is a SAAS platform hosted on Azure Platform and is governed by Microsoft security policies. We have four layers in our architecture, which are secured as follows

  • Application layer - secured by Access Controls, Active Directory Login Synchronizations, Two Factor Authentications.
  • Database layer - secured data at REST encryptions
  • Vault Layer - secured by file encryption method
  • Web Layer - secured by https for data in motion

 

Platform


Avatar

Cloud

SAAS model on Microsoft Azure and Amazon AWS

Avatar

Desktop

Zero Install footprint on your tablet, PCs & Laptop

Avatar

App

Available on iOS and Android Platform

  Scalable

  Data Security

  Loosely coupled Architecture

  High Availability

Technology Architecture


Access Control

User Level

User access is controlled using conventional login credentials. Each WRENCH SmartProject user is provided with exclusive login names and strong passwords to offer primary access control. To extend this further, WRENCH SmartProject user access control system can be integrated with Windows federation services, so that in addition to enhanced security, it can offer single sign-on.

Project Level

Information in each project can be restricted to the resources assigned to work on the project. The project plan, documents handled in the project etc. can be brought under the security cover of this mechanism.

Document Level

Documents in WRENCH SmartProject are categorised under various "genealogies" depending on type and security context of the documents. Each genealogy can be assigned with strict security policies so that the documents contained in each are accessible only to the designated users.


Content Security

Content is protected at various levels of storage and transit.

Database Level

Critical information preserved in MS SQL Data repository of WRENCH SmartProject, such as user passwords is encrypted using strong 'Cypher' encryption algorithms.

Vault Level

'Vault' is a disk folder where WRENCH SmartProject keeps all the documents. In most deployment scenario, it is possible to prevent direct access to the vault folder by means of network security implementations. In the event of additional precautions are required for high security documents, such documents stored in each 'genealogy' of WRENCH SmartProject can be protected by encrypting them so that they remain protected even if they are accessed directly -though unlikely- from WRENCH SmartProject vault.

Communication Level

Data on transit between the WRENCH SmartProject server and client are compressed using passwords to offer it security from intrusions on the communication pipe. For additional security, WRENCH SmartProject may be deployed over HTTPS (with SSL). WRENCH SmartProject application is immunised against intrusions and vulnerabilities as specified in the 'OWASP' top 10 classification.


Two factor Authentication Method

Further, secure your project content at recipient level (for clients, vendors or contractors etc) by enabling two-factor authentication by enabling One Time Password (OTP) to registered users mobile


Deployment Security

In most scenario, it is sufficient to protect WRENCH SmartProject using the access rules in a firewall. The native access control and content security facilities in WRENCH SmartProject offers optimum cost-security ratio. But in high security scenario, WRENCH SmartProject can be deployed in a variety of ways to secure the system to the desired extent. When security offered by a single firewall is not adequate, the system can be deployed over a DMZ.


Cloud Security

WRENCH Solutions(P) Ltd. Is a Microsoft Partner with ISV (Gold) competency in application development for Microsoft platforms. When it comes to deploying WRENCH SmartProject on managed cloud, Microsoft Azure is the primary choice. Microsoft Azure runs in datacenters managed and operated by Microsoft. These geographically dispersed datacenters comply with key industry standards, such as ISO/IEC 27001:2013 and NIST SP 800-53, for security and reliability. The datacenters are managed, monitored, and administered by Microsoft operations staff. The operations staff has years of experience in delivering the world's largest online services with 24 x 7 continuity.

 

More story at https://docs.microsoft.com/en-us/azure/security/azure-security-infrastructure

 

Apart from Microsoft Azure cloud, WRENCH SmartProject can be deployed on any other cloud service of choice.