Security Policy ECOUNT acquired the International Security Certification ISO27001.
All servers are stored in Amazon Web Service (AWS), the world's leading cloud provider.

Acquisition of ISO 27001

ISO 27001 is an international information security standard established by the International Organization for Standardization (ISO),
which assesses a company’s security capabilities based on 114 criteria.

We conduct annual audits by external security specialists to review our internal security processes.
System vulnerabilities are identified and addressed through penetration testing.
Internally, a Chief Information Security Officer is appointed to establish and operate management plans.

Daily and monthly security inspections are conducted to check for customer data storage on employee PCs, security seal status, and unauthorized program installations.
All employees sign a security pledge before commencing work and complete annual information security training.
Security levels are applied differently for each employee, and unauthorized access to information is strictly blocked.
When employees are transferred, access rights to information are revoked as part of our personnel security management procedures.
Antivirus programs on employee PCs are managed to prevent information leakage caused by malware.

Data entered by customers into ECOUNT is transmitted using encrypted communication.
Critical personal information such as resident registration numbers, account numbers, and card numbers is encrypted using algorithms before being stored on the server.
Encryption keys are stored separately in locations inaccessible from outside, preventing information leakage.

ECOUNT manages customers’ information assets by monitoring system operations in real time.
Information assets are classified by importance, and security levels are applied accordingly for effective data management.
We have systems in place to manage potential risks such as information breaches and service disruptions.
When risks to information assets are identified through inspections, system improvements are made to enhance stability.

ECOUNT records all access to information for tracking and management purposes.
Security professionals monitor for information breaches in real time and block abnormal access attempts.
Access control systems and CCTV are installed in all offices and server rooms to prevent unauthorized entry.
Security systems such as firewalls are used to minimize and manage the IPs that can access data.

Regular backups are performed to prevent the loss of valuable customer data due to accidents or errors.
Data recovery plans are established and recovery drills are conducted to prepare for emergencies.
Monthly system inspections are conducted, and security patches are applied when vulnerabilities are found.
System changes such as program upgrades are carried out safely through thorough analysis by experts.

ECOUNT has established disaster recovery systems to ensure service continuity in the event of a disaster.
Disaster recovery drills are conducted to verify the effectiveness of data recovery plans.

ECOUNT stores its servers on AWS, which
boasts the highest level of security in the world.
By utilizing AWS’s server security systems,
we are protected from hacking attempts such as DDoS attacks.
ECOUNT’s security experts monitor servers and
data in real time to block potential threats.

Users can directly allow or block logins from
specific IP addresses.
Program access time limits can be set for each ID.
Two-factor authentication can be enabled to
strengthen identity verification during login.
Password complexity and change intervals
can be adjusted, making security management
by ID convenient.