.jpg)
Our Security
Hackers never sleep. The real time map beside shows the attempts to take down our server from different regions desperately just on April, 2020 alone. One thing is for sure, there is no longer a safe place to hide in this cyber world. We are fighting the enemies from different countries painstakingly in the dark while our clients are still fast asleep. For iWoWSoft's HRMS, clients' information is always our top concerns and top priority.
.png)
To safeguard the system, we need more than just investment in infrastructures. It is the combination of expertise, infrastructure, good practices and discipline that help to stack against the attack and protect our most important assets.
Web Vulnerability Scanning
-
Weekly scanning and priority fix.
-
Biannually PCI-DSS Scanning.
-
Protect against common SQL Injection, XSS and OWASP Top 10 attacks and vulnerability.
Firewall
-
Guarded with double layer firewalls
-
Web Application Firewall for DDoS Protection
-
Network Intrusion Detection
-
Advanced Persistent Threat (APT) Blocker
Multi-factor Authentication (MFA) for Remote Server Access
-
Remote access required MFA.
-
Designated server access by only few white list employees.
Regular Review on Suspicious Activities
-
Regular review on the server access activities.
-
Daily review on the attack activities and anonymous system access.
Suppliers/Third parties Software Management
-
Perform regular update to protect against zero day attack.
-
Strict protection from remote access.
-
Dedicated person in charge for software installation in data center.
Ransomware & Malware Protection
-
Regular daily backup.
-
Ransomware protection.
-
Antivirus installed for malware protection.
Incident Management
-
Professional team for security incident management.
-
Well define incident management flow.
Security Training and SOP
-
Training materials are provided to all supports and developers.
-
Change of security permissions required to submit official form.
