Keeping our customer's data secure and private has always been a top priority for ePROMIS from its inception. ePROMIS uses a multi-layered approach to secure the customer data and information that are entrusted to us. Our platform was designed and built from the ground up with security in mind to ensure the confidentiality and integrity of all collected data.
Security
Security measures considered and policies followed by ePROMIS
Data Collection
Data is encrypted in transit – all account information is encrypted in transit and stored in a secure data center hosted by Amazon Web Services(AWS).
Encrypted connection protocols included SSL/TLS and HTTPS.
End to End encryption(transit) is implemented to keep all data secure.
Data Storage
Data is encrypted at rest – ePROMIS uses several layers of encryption to protect customer data at rest in Amazon Web Services(AWS).
Data stored within the cloud is stored using AES-256 encryption.
All data, including attachments, photos, videos, and transactional logs, are split into discrete blocks which are encrypted.
Identity Authentication and Security Compliance
ePROMIS complies with your organization’s authentication security standards and protocols.
We support Multi-factor authentication (MFA).
We regularly test our applications and infrastructure to isolate and remediate vulnerabilities.
All ePROMIS data is stored in a secure data warehouse managed and secured by Amazon Web Services(AWS).
Attain True Digital Transformation
ePROMIS FutureGen Enterprise Cloud is serious about data security and privacy. Our software has been built with the latest security features to protect your data. We also comply with the latest data privacy regulations. You can be assured that your data is safe with ePROMIS FutureGen Enterprise Cloud. ePROMIS FutureGen Enterprise Cloud is committed to providing the highest level of data security and privacy. You can be assured that your data is safe with ePROMIS FutureGen Enterprise Cloud.
Who has access to your data?
You own the data in your account. ePROMIS does not view the private information collected by your account. Our policy is to take a ‘least-privilege' approach, meaning we only access customer data upon request for support from an authorized administrator for your account.
Customer information stored in the cloud is encrypted at rest with ePROMIS organizational keys.
ePROMIS employees do not have access to this information unless temporarily granted by the customer for troubleshooting.
User access is highly restricted and must be approved by an organizational admin you designate.
How do we protect your data?
ePROMIS is designed with multiple layers of protection across a distributed, reliable infrastructure. All ePROMIS data is stored in a secure data warehouse managed and secured by Amazon Web Services(AWS).
Servers are hosted in a SOC2 type 2 compliant data center, across multiple availability zones/regions along with many others. Compliances taken care of by AWS are available in this link.
AWS’s physical infrastructure has been accredited under CSA, ISO 27001, ISO 9001, ISO 27017, ISO 27701, ISO 27018, PCI DSS Level 1, SOC1, SOC2, SOC3, and many more. Learn more about AWS Physical infrastructure level security and controls from here.
