Without a specialized security operation around the clock, no system can be safe.
With ECOUNT ERP, protect your company's business data and spare the time and money spent on server management and data security.
- With the acquisition of the International Security Certification ISO27001, ECOUNT ensures a strong data security.
- We restrict access to our database, and keep customer data safe through data backup and encryption.
- All servers are stored in Amazon Web Service(AWS) and access from outside is essentially blocked.
- You can adjust the level of security of your own ERP system.
Acquisition of ISO27001 International Certification
- ISO 27001 Certification is the internationally recognized certification system that mandates 114 security standards by an international board of members in the field of information security.
- ECOUNT has obtained the ISO 27001 certification to enhance internal security system and improve client credibility.
ECOUNT observes and conducts the following tasks to meet the ISO 27001 requirements, and yearly renewed of its certification.
1. Yearly regular audit from external security-specialized auditors
- ECOUNT is regularly audited by external auditors specialized in security, to examine each team's work process.
- Through simulating hacking, we identify weaknesses in our security and update system to prevent hacking attacks.
- Servers and database are inspected to figure out things to improve and enhance system security.
2. Encrypt important data
- Any data that you input in ECOUNT ERP is securely transmitted to servers and database through encrypted transmission.
- Sensitive or identifying information like phone number and email account is saved after encryption. Unauthorized person is unable to decrypt the data.
- Keys for encryption are securely stored at a thoroughly controlled environment, with a least access only from authorized people.
3. Restrict access to database
- Only the least number of staffs required for service operation are authorized of access to database.
- Any access to servers and database is recorded with audit trail, and reviewed regularly and tracked.
- Abnormal access attempts are monitored in real-time and immediately blocked to properly respond to security threats.
4. Internal network security
- We separate networks for business use from the ones accessible to servers and encrypt servers to essentially block data leakage.
- Each network is protected by firewalls and malicious site filtering to control access and avoid infection from malicious codes.
5. Backup to secure data
- Any data you input is backed up daily and monitored of security.
- Also, data are scattered to multiple databases and saved to avoid data loss in emergencies.
6. Build and keep internal security policies
- ECOUNT's security department is fully dedicated to information security and thoroughly examines internal data security.
- Through a regular internal audit, we check whether our security policies are properly kept.
- Reviews updates on Information Security Laws (Privacy Law, Information Network Law) and reflect them on internal security policies.
7. Regular security checks and information security training for all employees
- We monthly check security requirements, like Clean Desk check and whether files including private information are deleted.
- We restrict using USB for business computers, and block access to external file server or P2P site.
- All employees are trained for information security every year to enhance awareness for security.
- 1. Yearly regular audit from external security-specialized auditors
Servers Stored in Amazon Web Services(AWS)
- All ECOUNT servers are securely managed in Amazon Web Services(AWS), the world's leading cloud provider.
- Threats to service like DDoS attack and network attacks are blocked, to protect data from hacking and external threats.
- Our team specialized in security monitors servers and database to respond to security threats in real-time.
Customize Your Account Security Level
- Set ERP access restricted hours by user.
- Block access for a particular IP, or block access to ERP at all for certain hours.
- Set password change cycle to keep individual account security level.
- Administrators can view login history by user, and restrict login from unauthorized locations (e.g. forced logout).