Security is not only important for cloud applications; it must be the basis of design and architecture, not an afterthought, as is the case with many web applications. In addition, providing only operational level security is not enough.
EcoSuite has security at each and every step of the way. Security is the foundation of EcoSuite from the start. Security is built in at every level from architecture to design to access and to operation to maintenance. Besides, EcoSuite has security at all levels with layers of access control, full HTTPS support for logins, sessions, connections and transmissions.
Security is built into EcoSuite architecture with multiple layers of indirection to access any piece of data or files. The access is controlled granularly at each level of access and at each time of access. Each access must match both internal and external parameters.
Our data center, network, servers, database and applications are designed with security and redundancy at each and every step.
All data, files, emails and applications are private to the user. Unless a user provides access explicitly, nobody can access them. The user controls all aspects of sharing and who can access and what they are allowed to do. Even the admin has no access other than changing quota or closing the account or changing the password, etc. We have two types of access control: permission-based and role-based. Role-based access control is more suitable for large organizations.
We provide full HTTPS support for logins, connections and transmissions and complete sessions.
We support file and email encryption including digital signature using public certificates and other means for your domain.
Every user account has a built-in Recycle Bin to protect against accidental delete of files, folders or applications. If you have provided delete access to another user through sharing, any file or folder deleted by the other user cannot be permanently deleted by the other user. It will be accessible to only the owner user through the owner’s Recycle Bin.
You can mark certain file folders as sensitive which will not let anybody access without secure connection.
All shared data and access can be controlled through automatic expiration. But it is not mandatory.
We have the means to remotely block access to certain commands, certain applications or even globally for your domain for any period of time for security and other purposes.
Our data centers are certified for SAS 70 and are PCI compliant.
All data, files and emails are private to you and nobody else can access them without you providing permission through sharing. Even we do not have direct access to your data unless and otherwise needed for support in which case you have to explicitly provide us access. Please see the privacy policy for more.
Our service is guaranteed for 99.9% availability. In practice, it is actually much higher level that we have achieved.