Ekyam follows a robust and strict approach to adhering to its compliance program in order to maintain the privacy, security and integrity of all customer data. It is an operational imperative for us to protect the confidentiality of customers' data, limit unauthorized access and follow all protective measures to secure data. We have achieved compliance for:

SOC 2

Ekyam mandates this auditing standard for protecting clients' data and keeping it secure. This is a non-negotiable and vital requirement for all SOC 2 reports. We adhere to this standard by keeping clients' data protected against unauthorized disclosure and unauthorized access, and by maintaining the privacy of the data. We are committed to following the Five Trust Criteria Principles (TSCs).
  • Security: This is the most fundamental Trust Criteria mandate for Ekyam. We secure clients' data by restricting unauthorized access, monitoring for damage and preventing unauthorized disclosure of data. Ekyam's security has four essential layers: Access Control, Incident Response, Continuous Monitoring and Data Protection.
  • Availability: Ekyam engineers for this criterion so that the system is accessible and operational for authorized users. It also means that the system must be capable of recovering from any failure with minimal impact. We have defined health checks for our services to help the system recover from failures.
  • Confidentiality: Ekyam adheres to the confidentiality criterion by protecting sensitive and confidential information from unauthorized users. We always store confidential data in a secure environment and use designated encrypted keys for highly confidential data. The security team also runs automated checks to ensure that no confidential data has been moved to a less secure location.
  • Processing Integrity: Ekyam's processing integrity criterion dictates that data must be processed securely and accurately. We follow an approach with mandatory input and output validation, which requires the security team to perform field verification and field checks. When data does not fit the criteria or fails validation, the team records a detailed error log to manage the issue.
  • Privacy: Under Ekyam's defined and strict compliance standards, this criterion governs the regulated handling of Personally Identifiable Information (PII). We use clients' data in line with the strict regulations of the standards and with the consent of the user. Ekyam practices data minimization, so only the necessary PII is exposed for use.

ISO 27001:2022

Ekyam complies with the Global GOLD Standard for ensuring the security of information and supporting assets. We adhere to the ISO 27001 Security Standard for governing the organizational implementation of policies, procedures, and controls. In addition, Ekyam supports companies in managing their information securely and maintaining confidentiality. Ekyam has successfully implemented the standard by moving through the PLAN, DO, CHECK, and ACT (PDCA) process.

GDPR

Ekyam adheres to the European Union (EU) regulation that protects the personal data and privacy of EU citizens. We ensure that all stages of GDPR compliance, including the initial assessment, gap analysis, implementation of changes, internal audits and external audits by third parties, are managed efficiently. Ekyam assures that it keeps its stakeholders' information confidential, which strengthens its organizational credibility. By being GDPR-compliant, Ekyam ensures that it complies with EU privacy laws, minimizes exposure to data breaches and non-compliance penalties, and strengthens relationships with clients through data protection.

Ekyam's Commitment to Data Rights and Protection

We strictly adhere to the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). Our commitment to these standards defines our trusted relationship with our customers. We are built on **Data Subject Rights**, which protect users' privacy and grant users full control over their Personally Identifiable Information (PII). Ekyam formalizes its commitment to these standards and protection rights through **Data Processing Agreements** (DPAs). The agreement sets out the protection and security that we guarantee to our customers when managing their data in compliance with GDPR and CCPA standards.
Our strict adherence to Data Subject Rights, together with the Data Processing Agreements, makes Ekyam reliable, compliant and trustworthy in using customers' data for processing.