Security Features
to protect data
Data Encryption
DATA IS INCREASINGLY CENTRAL to our personal lives, economic prosperity, and security. That data must be kept secure. Just as we lock our homes, restrict access to critical infrastructure, and protect our valuable business property in the physical world, we rely on encryption to keep cyber criminals away from our data. Data is our most valuable asset. Naukri business (Cloud services and products) uses encryption as a control to encrypt data in a way that protects it from unauthorized users.
Network Protection
Network security is a critical element of our security program. Our network is designed in such a way that it can block malicious attacks on our system through combining multiple layers of defenses at the perimeter, and within the network, to stop them from entering or spreading through your network. Our Network Protection Service provides ongoing monitoring, maintenance, and tuning to improve the security, configuration, and visibility of networking infrastructure deployed throughout our IT environment.
Internal & 3rd Party Assesment
A business relationship requires trust, but understanding whether your vendors deserve that trust is difficult. With the rise of information technology, how trust can be broken, intentionally or unintentionally, have multiplied and become more complex. Our reliable vendor security assessment process helps us to verify that service providers follow appropriate information security practices so your business can weigh the risk of entrusting them with your data. We partner with the best in industry to ensure that our products go through the most stringent and rigorous security assessments and that our services meet the recommended security standards.
Security Monitoring
Monitoring is the most reliable method of identifying and tracking users who are accessing data on company systems. Continuous security monitoring provides real-time visibility of users and their devices when they attempt to connect to or work on our enterprise network. Constant security monitoring gives us the ability to continually look over our system to stay one step ahead of cyber threats. With continuous security monitoring, We can monitor and verify security and compliance requirements regardless of whether data resides locally or in a data center, virtual environment, or the cloud
Compliance
We always strive to stay one step ahead of compliance to ensure we maintain customer trust. In today’s data-driven world, information security is paramount for companies of all industries. Compliance provides us with a standard set of reference points to enable us to evaluate whether our organization has processes, procedures, and other controls in place that meet an agreed minimum requirement. It also provides us a competitive advantage over other organizations. Naukri is committed to the highest level of trust, transparency, standard conformance, and regulatory compliance.
Security Benchmark
We at Naukri, continuously monitors, analyzes and rates overall security performance through an objective lens, giving our clients the ability to visualize and quantify our security posture and benchmark our performance against industry peers. Industry peers’ security posture rated with externally observable data, accessible without permission from the rated company.
Data Privacy
to protect data
Data Privacy and Security
We, at Info Edge (India) Limited and our affiliated companies worldwide (after this collectively referred to as “IEIL”), are committed to respecting our customers’ online privacy and recognize the need for appropriate protection and management of any personally identifiable information customer share with us. IEIL plays the role of both data controller and data processor. As data controller, IEIL collects and processes personal data of customers.
The starting point for everything starts with the trust of our customers and employees place in us. Data entrusted to us is treated with care and respect. As a leading service provider of online services, we take data privacy seriously. As we proceed to enhance high-performance technology and expert solutions, data privacy will remain a priority. Our customers are at the center of everything we do. We earn the trust of our customers, employees and other stakeholders by adhering to these data privacy commitments throughout our company. We strive to communicate honestly and openly about our actions that may involve the personal information we process. We promote a culture that recognizes the data privacy of our customers, their clients, our employees, and our other stakeholders. We will work to resolve any concerns that our customers and employees may have about their personal information entrusted to us.We have deep discussions about data privacy when developing our software solutions and services and seek to embed data protection and data privacy in our development cycles. Compliance is involved in everything we do. This includes privacy laws in the jurisdictions in which we operate. We are taking the appropriate steps to protect personal information and keep it secure.We are dedicated to safeguarding the personal information of our employees, customers, and other stakeholders, while helping our customers, employees, investors, and society create a deeper impact and make the right decisions. Our Data Privacy Commitments are the core of our data privacy framework and are inspired by our company values. The Data Privacy Commitments guide our company-wide approach and express the value we attach to protecting the personal information of our customers, employees, and other stakeholders.
Everyone at IEIL has a duty to demonstrate effective data classification and handling practices in accordance with our company policies (Data Privacy, IT security,Data Classification & Handling Guideline and Confidentiality) and procedures.There is constant emphasis on training and skill development for the professionals, which helps us to to identify and bypass falling for social engineering attacks through specific phishing and ransomware training, the most common social engineering tactics that have been identified as high-impact, critical security risks. IEIL makes use of tools and technologies to institutionalize data privacy practices and controls. Examples of areas where such tools are deployed include personal data inventory management, administration of privacy notices and consents, data subject’s access and request management, data deidentication, data security and continuous monitoring through data loss prevention tools.
Best Practices
to protect data
2 Factors Authentication
Two-factor authentication requires two forms of validation to access your RMS account. These two factors include the password and a code generated on mobile devices (OTP). By requiring more than one factor during the authentication process, there is increased assurance the your access is authorized. While there is a risk that a single factor such as password may be compromised requiring a second factor can effectively mitigate the risk.
Phishing Mails
One of the most effective cyber attack technique is tricking someone to click a link or open an attachment that installs malware. These are called phishing e-mails because they lure into opening an email. Instruct users to never open emails from unknown sources. These sender’s address should always be verified and any links to URLs can be hovered over to validate them. The link should show a URL ending in “.naukri.com”. Phishing email can say something intriguing., useful or appear to be legtimate message from a real company (package delivery, payroll, IRS, social networking etc.).
Login IP Ranges
Login IP Ranges limit unauthorized access by requiring users to login to Naukri account from designated IP addresses – typically your corporate network. By using Login IP Ranges, admin can define a range of permitting IP address by control access to Naukri/RMS. Those who try to login to Naukri/RMS from outside the designated IP addresses will not be granted access.
Login Hours
You can restrict the hours during which users can log in access Naukri/RMS. For each profile, you can set the hours when users can log in. If IP address restrictions are defined for a user’s profile and a login is attempted from outside the time range, login is not allowed. These restrictions help protect your data from unauthorised access and phishing attacks.
Password Policies
Strong password security is an important first step in protecting your Naukri accounts.
Naukri recommend these best practices.
Password expiration:
We recommend no more than 30 days to force users to reset their passwords.
Password length:
We suggest minimum password length of 8-10 characters.
Password complexity:
We suggest to include a mix of alpha and numeric characters in the password.
Antivirus Agent
Antivirus software are programs that help protect your computer against most viruses, worms, Trojans horses and other unwanted invaders that can make your computer “sick”, viruses worms and the like often perform malicious acts, such as deleting files, accessing personal data or using your computer to attack computers. We recommend to have an antivirus agent with latest signature files to stay protected.
Operating System Patch
Research has shown that the most efficient way to protect against attack to ensure that every machine in the environment has the latest patches installed. If one computer in the environment is not patched, it can threaten the stability of the entire environment and possibly inhibit normal functionality. We strongly recommend to update the system with all the required pathes.