No system can be safe without a specialized cyber security operated 24/7
Protect your company's business data with Ecount ERP to spare time and money spent on server management and data security.
- With the acquisition of the International Security Certification ISO27001, ECOUNT ensures a strong data security.
- We restrict access to our database and keep customer data safe through data backup and encryption.
- All servers are stored in Amazon Web Service(AWS) ensuring any cyber leakage and penetration from external threats.
- Manage and flexibly adjust users' security level of your data with Ecount ERP.
Acquisition of ISO27001 International Certification
- ISO 27001 Certification is an internationally recognized certification that mandates 114 security standards by an international board of members in the field of cyber security.
- ECOUNT has obtained the ISO 27001 certification to enhance internal security system and improve client credibility.
ECOUNT observes and conducts the following tasks to meet the latest ISO 27001 requirements which is updated annually.
1. Yearly regular audit from external security-specialized auditors
- ECOUNT is regularly audited by external cyber security auditors to examine our security teams' data encryption work process.
- By simulating the latest hacking technology to find any possible weaknesses in our security, we reinforce our system's security to prepare for any form of cyber attacks.
- Servers and databases are inspected regularly for improvement and enhancement in system security.
2. Encrypting important data
- Any data inputted into Ecount ERP is securely transmitted to databases through encrypted transmission.
- Important personal information such as account number and card number is encrypted using an algorithm and stored on the server.
- Encryption keys are stored in a thoroughly controlled environment which is limited to authorized people only.
3. Restrict access to database
- Only members with security clearance are allowed to access the database for maintenance and development purposes.
- Any access to the main server and databases is recorded with audit trails which is reviewed regularly.
- Abnormal access attempts are monitored in real-time and immediately blocked to prevent any security threats.
4. Internal network security
- We separate network servers for business usage and backend usage to block any data leakage that might penetrate from the business server.
- Each network is protected by firewalls and malicious site filtering to control access and avoid infection from malicious codes.
5. Backup to secure data
- Any data inputted into the system is backed up daily and monitored for security purposes only.
- Data are scattered to multiple database centers and saved simultaneously to avoid data loss in case of emergencies.
6. Build and manage internal security policies
- ECOUNT's security department is fully dedicated to cyber security and thoroughly examines internal data security.
- We check whether our security policies are up-to-date properly through regular internal audits.
- Ecount fulfills on its compliance with Information Security Laws (Privacy Law, Information Network Law) and reflects them on internal security policies.
7. Regular security checks and cyber security training for all employees
- Ecount employees follow security requirements by following the Clean Desk Policy and deleting any data with private information from their computers.
- Ecount employees are restricted using USBs on business computers and limited to external file servers or P2P sites.
- All employees are trained on cyber security every year to enhance awareness for security.
- 1. Yearly regular audit from external security-specialized auditors
Servers Stored in Amazon Web Services(AWS)
- All ECOUNT servers are securely managed in Amazon Web Services(AWS), the world's leading cloud provider.
- Threats to servers such as DDoS and Malware attacks are blocked to protect data from hacking and external threats.
- Our team specialized in cyber security monitors servers and database to respond to security threats in real-time.
Customize Your Account Security Level
- Set restricted ERP access hours by users.
- Block access for a particular IP or block access to ERP during forbidden hours.
- Set password change cycles to secure individual accounts.
- Administrators can view login history by user, and restrict login from unauthorized locations (e.g. forced logout).