Trust Center - EHSSoftware.io

Compliance & Privacy

EHSSoftware.io is engineered for enterprise grade performance and best in class uptime. Our platform is built on rigorous compliance and privacy standards to help ensure your data stays protected.

Infrastructure Security

Our infrastructure is hosted on AWS. We leverage AWS's industry-leading security protocols and global network to provide a secure, scalable environment that keeps your data protected and available at all times.

Customer Data Protection

Data is protected with AES 256 encryption, TLS 1.2 and 1.3 protocols, and logical tenant separation. These best practices help secure the confidentiality and integrity of client data.

Application Protection

EHSSoftware.io uses a Test Driven Development approach, utilizing both manual and automated security assessments per OWASP's application security standards. This methodology provides protection through layered controls.

Organizational Security

Employees undergo background checks and they receive comprehensive security training during onboarding which is refreshed each quarter. Access to systems is controlled by the principle of least privilege and secured with two factor authentication.

Resources

Reports
Policies

EHSSoftware.io Certifications

All the tools you need in one place - Simplify illness & injury management and reporting. Achieve workforce participation, automate activities, assign and manage actions and report on performance.

Reports

SOC 2 Type II

GDPR Data Processing Agreement

Policies

Acceptable Use Policy

AI Acceptable Use Policy

Asset Management Policy

Authentication Standard

Awareness Training and Personnel Security Policy

Business Continuity and Disaster Recovery Policy

Change Management Policy

Encryption Policy

Ethics Policy

Identity and Access Management (IAM) Policy

Incident Response Policy

Information Classification and Management Policy

Information Security Policy

Network Management Policy

Physical Security Policy

Risk Management Policy

System Development and Procurement Policy

Vendor Management Policy

Vulnerability Management Policy

Whistleblower Protection Policy

Data Security

control

Status

Daily Database Backups stored in multiple locations both short and long term

Encryption at Rest

Security Policy

System Access Control Policy

Application Security

control

Status

Code Review Process

Static Application and Security Testing (SAST)

Dynamic Application Security Testing (DAST)

Employee Disclosure Process

Penetration Testing

MFA on Accounts

Secure Software Development Policy

Malware Protection

Intrusion Detection

Vulnerability Management

Log Management

Web Application Firewall

Infrastructure Security

control

Status

Cloud Data Storage Restricted

Multiple Availability Zones

Password Policy

Security Patches Applied Routinely and Timely

Hard-Disk Encryption

Network Security

control

Status

Denial of Public SSH

Firewalls

Logging/Monitoring

Penetration Testing

Quarterly Vulnerability Scanning

Unique Accounts Used

Organizational Security

control

Status

Acceptable Use Policy

Code of Conduct

DR Plan

EHSSoftware.io Employee Handbook

Incident Response Plan

Ongoing Security Training

Whistleblower Policy

Access EHSSoftware.io Demo Center

Get Better EHS Results With Our Mobile Friendly EHSSoftware.io

Access Now

Security

Compliance & Privacy

Infrastructure Security

Customer Data Protection

Application Protection

Organizational Security

Resources

EHSSoftware.io Certifications

Resources

Reports

Policies

Request Access

Controls

Data Security

Daily Database Backups stored in multiple locations both short and long term

Encryption at Rest

Security Policy

System Access Control Policy

Application Security

Code Review Process

Static Application and Security Testing (SAST)

Dynamic Application Security Testing (DAST)

Employee Disclosure Process

Penetration Testing

MFA on Accounts

Secure Software Development Policy

Malware Protection

Intrusion Detection

Vulnerability Management

Log Management

Web Application Firewall

Infrastructure Security

Cloud Data Storage Restricted

Multiple Availability Zones

Password Policy

Security Patches Applied Routinely and Timely

Hard-Disk Encryption

Network Security

Denial of Public SSH

Firewalls

Logging/Monitoring

Penetration Testing

Quarterly Vulnerability Scanning

Unique Accounts Used

Organizational Security

Acceptable Use Policy

Code of Conduct

DR Plan

EHSSoftware.io Employee Handbook

Incident Response Plan

Ongoing Security Training

Whistleblower Policy

Access EHSSoftware.io Demo Center