top of page
Our Security (with License).jpg

Our Security

Hackers never sleep. The real time map beside shows the attempts to take down our server from different regions desperately just  on April, 2020 alone. One thing is for sure, there is no longer a safe place to hide in this cyber world. We are fighting the enemies from different countries painstakingly in the dark while our clients are still fast asleep. For iWoWSoft's HRMS, clients' information is always our top concerns and top priority.

HRMS Security Threats

To safeguard the system, we need more than just investment in infrastructures. It is the combination of expertise, infrastructure, good practices and discipline that help to stack against the attack and protect our most important assets.

18_1.png
Web Vulnerability Scanning
  • Weekly scanning and priority fix.

  • Biannually PCI-DSS Scanning.

  • Protect against common SQL Injection, XSS and OWASP Top 10 attacks and vulnerability.

Firewall
  • Guarded with double layer firewalls

  • Web Application Firewall for DDoS Protection

  • Network Intrusion Detection

  • Advanced Persistent Threat (APT) Blocker

Firewall - with License.jpg
MFA for Remote Server Access - with License.jpg
Multi-factor Authentication (MFA) for Remote Server Access
  • Remote access required MFA.

  • Designated server access by only few white list employees. 

Regular Review on Suspicious Activities
  • Regular review on the server access activities.

  • Daily review on the attack activities and anonymous system access.

Regular Review on Suspicious Activities - with License.jpg
Supplier or 3rd Party Software Management - with License.jpg
Suppliers/Third parties Software Management
  • Perform regular update to protect against zero day attack.

  • Strict protection from remote access.

  • Dedicated person in charge for software installation in data center.

Ransomware & Malware Protection
  • Regular daily backup.

  • Ransomware protection.

  • Antivirus installed for malware protection.

Ransomware & Malware Protection - with License.jpg
Incident Management - with License.jpg
Incident Management
  • Professional team for security incident management.

  • Well define incident management flow.

Security Training and SOP
  • Training materials are provided to all supports and developers.

  • Change of security permissions required to submit official form.

Security Training & SOP - with License.jpg
bottom of page