ENTERPRISE-GRADE SECURITY

We’re Serious About
Data Security & Privacy

Keeping our customer's data secure and private has always been a top priority for ePROMIS from its inception. ePROMIS uses a multi-layered approach to secure the customer data and information that are entrusted to us. Our platform was designed and built from the ground up with security in mind to ensure the confidentiality and integrity of all collected data.

Security

Security measures considered and policies followed by ePROMIS

Data Collection

Data is encrypted in transit – all account information is encrypted in transit and stored in a secure data center hosted by Amazon Web Services(AWS).

Encrypted connection protocols included SSL/TLS and HTTPS.

End to End encryption(transit) is implemented to keep all data secure.

Data Storage

Data is encrypted at rest – ePROMIS uses several layers of encryption to protect customer data at rest in Amazon Web Services(AWS).

Data stored within the cloud is stored using AES-256 encryption.

All data, including attachments, photos, videos, and transactional logs, are split into discrete blocks which are encrypted.

Identity Authentication and Security Compliance

ePROMIS complies with your organization’s authentication security standards and protocols.

We support Multi-factor authentication (MFA).

We regularly test our applications and infrastructure to isolate and remediate vulnerabilities.

All ePROMIS data is stored in a secure data warehouse managed and secured by Amazon Web Services(AWS).

Who has access to your data?

You own the data in your account. ePROMIS does not view the private information collected by your account. Our policy is to take a ‘least-privilege' approach, meaning we only access customer data upon request for support from an authorized administrator for your account.

  • Customer information stored in the cloud is encrypted at rest with ePROMIS organizational keys.
  • ePROMIS employees do not have access to this information unless temporarily granted by the customer for troubleshooting.
  • User access is highly restricted and must be approved by an organizational admin you designate.

How do we protect your data?

ePROMIS is designed with multiple layers of protection across a distributed, reliable infrastructure. All ePROMIS data is stored in a secure data warehouse managed and secured by Amazon Web Services(AWS).

  • Servers are hosted in a SOC2 type 2 compliant data center, across multiple availability zones/regions along with many others. Compliances taken care of by AWS are available in this link.
  • AWS’s physical infrastructure has been accredited under CSA, ISO 27001, ISO 9001, ISO 27017, ISO 27701, ISO 27018, PCI DSS Level 1, SOC1, SOC2, SOC3, and many more. Learn more about AWS Physical infrastructure level security and controls from here.