Security Dictates Yahoo-Shaadi merger

by CXOtoday Staff    Sep 30, 2003

Shaadi.com has a high level of data security and efforts to protect sensitive information of its members, were the key elements that influenced Yahoo’s partnering decision.

Yahoo.co.in and Mumbai based matrimonial portal Shaadi.com launched their co-branded page called Yahoo Matrimony,last week.

In an interview with a CXOtoday correspondent, Neville Taraporewalla, Director Sales and Business Development, Yahoo.co.in, revealed the prerequisites of the tie-up.”Yahoo.co.in has a membership of 27 million users to whom we wanted to offer a value added service. Since the information is very personal, it was critical to maintain a high level of security on our database,” he said.

“Web portals for matrimonial services have been hugely successful models over the last two years and we wanted a credible, secure and popular partner. Shaadi.com was the closest match in line with our requirements, although they had to scale up by a notch or two, in order to meet our global standards,” added Taraporewalla.

On the other hand, Anand Mittal, CTO of Shaadi.com, claimed that his company had already achieved global standards before the tie-up. He described his company security policy as three tiered, placing checkpoints at the hardware, software and the human security level.

Divulging more details, Mittal said, “Our site is hosted by Rackspace, one of the most trusted names in the business of web hosting, which is incidentally the same solutions provider where yahoo.co.in is also hosted.”

“To start with, Rackspace eliminates routine security checks by automating them at their end. For added security, from our side, we implement different auditing systems, with a set of two external auditors as well as a separate internal auditing system. The system is in the process of continuous strengthening through extensive research, by consulting ethical hackers point out vulnerabilities and loopholes. Our three-layered architecture eliminates the possibility of any security breaches.”

On the hardware level, Shaadi uses Dell servers packed with firewalls and Nokia and Cisco checkpoints.

Mittal claimed that Shaadi.com EL 2.1 platform besides being protected by Symantec gateway security service, is constantly maintained with patches and updates.

However, Mittal says,”The biggest concern area for most corporations today is in the area of internal security. Most information leakage is through internal sources, either deliberately or inadvertently.”

Internal security at shaadi.com uses a range of resources, from maintaining logs on employees, to double passwords and checking on remote procedure calls (RPC).

Justifying this policy Mittal says,”A single unhappy employee can cause more damage than a group of hackers or a worm. Due to this reason, our internal audit system is constantly working to identify loopholes and develop fixes.”