Catseye: Catering to e-Commerce Security Woes

CIO Vendor Security risks associated with e-commerce can be a result of human error, accident or unauthorized access to systems. Online retailers are most likely to face credit card fraud or data errors. Mumbaibased Catseye Systems & Solutions Private Limited addresses the core need of protecting customers’ business data and manages data availability for different audiences across the globe. The firm has identified the scale and security challenges in the e-commerce space and has built a revolutionary B2B and B2C e-commerce product named eqomOS.

Data Security With eqomOS
eqomOS has 16 modules and around 20 different user roles. Catseye takes utmost care to ensure that the data amongst these various roles is protected and segregated. Besides, key modules like warehousing, logistics, accounts, vendors, sales, marketing, etc. make use of hand held devices which expose them to local wireless network-related attacks. Here, eqomOS promotes the use of a HSTS networks and preload submission of domain to ensure safer data encryption while even on a wireless network. Catseye makes use of industry grade AppSec and intrusion detection tools to control threats. eqomOS ships with extreme levels of security audits done at the client(browser) side. This audit covers the entire gamut of intrusion threats from cookie-hijacking, impersonation, XSS, XST, CSRF and forensics. At the server end, Catseye has policies for effective DOS, DDOS protection, port protection, ACL Protection with TCP wrappers, password-less SSH logins, and traffic monitoring. The platform also provides timely updates to registered customers on the threats of phishing, and accordingly suggests ways to avoid falling prey to such malicious attempts.

Catseye encourages the presence of an SSL layer for privacy and secrecy of data in transit

Catseye caters to two types of customers; consumers of retail goods/services and consumers of bulk orders. “It is important for us that our customers and their transactions on our platform remain safe and sacrosanct,” says Amol Zambare, CTO, Catseye. Catseye encourages the presence of an SSL layer for privacy and secrecy of data in transit. The company also offers security audits of client infrastructure as part of their product porting process onto the customers’ network. While SSL protects data reasonably well on its way to the server, it is laid bare once it arrives at the server. It is imperative to ensure data is protected in storage as well as in cache during processing. “Ensuring patches are regularly applied is an important part of how we maintain software hygiene at the server end,” adds Amol.

In a recent venture with an Austrian client, Catseye had to integrate with over 135 vendors and service providers. While the project was to be completed within a deadline, the boundaries of acceptable security for the application too were unlimited. The extensible framework of Catseye’s eqomOS platform enabled them to finish the task well within the given time frame. Catseye has a dedicated team to explore platforms for innovations that can be used in their products. eqomOS will have intelligent customer profiling via multi-dimensional data modelling, recommendations via NLP, multi-tenant, loyalty programs via blockchains, and virtual showrooms using VR 3D models. “Catseye is a company that takes pride in leveraging technology to provide the best possible solution for a business. While we dabble a lot with cutting edge technology, we use solutions that are both safe and durable,” concludes the CTO.