Ecesis EHS Software

Security
Measures

At EnviroData Solutions, Inc., we provide Software as a Service (SaaS) solutions that empower organizations to protect their employees and maintain compliance with environmental, safety, health, and quality regulations. Data security is at the core of our operations, and we have implemented comprehensive security measures to safeguard our clients' information. For a deeper look into our security framework, visit our Trust Center. We also maintain TX_RAMP Certification.

ORGANIZATIONAL SECURITY

  • Background Checks - All employees undergo background checks prior to employment.
  • Endpoint Security - Employee devices are regularly patched and are equipped with anti-virus software and malware protection.

PHYSICAL SECURITY

  • Workplaces - Workplaces are secured and locked when unattended to prevent unauthorized access.
  • Data Centers - Data centers are ISO 27001 certified, reflecting their adherence to rigorous security protocols.

INFRASTRUCTURE SECURITY

  • Network Protection - Firewalls are used to prevent unauthorized access to our servers, and client data is segregated into unique databases and application pools to protect sensitive data.
  • Server Hardening - Servers are hardened by disabling unused ports and accounts as well as removal of default passwords and outdated users.
  • Continuous Monitoring - Servers are actively monitored for malware, vulnerabilities, and suspicious activity through real-time logging and analysis.
  • Web Application Security - A web application firewall (WAF) screens traffic for threats, blocking malicious bots and suspicious IPs.

SOFTWARE SECURITY

  • Secure Coding Standards - Developers follow industry-recognized secure coding guidelines to reduce the likelihood of introducing vulnerabilities.
  • Code Review - Code changes undergo mandatory peer review with an emphasis on security-relevant logic.
  • Security Scanning - Dependency checking and static analysis are incorporated into the development lifecycle.
  • Developer Security Training - Developers receive recurring security training and guidance on emerging threats and mitigation strategies.
  • Penetration Testing and Third-Party Assessments - Independent security firms are engaged to assess product and infrastructure security.
  • Vulnerability Reporting - Ethical researchers are encouraged to report vulnerabilities through our Vulnerability Disclosure Program.

DATA SECURITY

  • Security By Design - Changes to our software solutions are reviewed for security risks at each stage of the development life-cycle.
  • Data Isolation - Each client's data is stored in dedicated, separate databases to maintain confidentiality.
  • In Transit Encryption - Data exchanged between clients and our servers is secured with strong encryption protocols.
  • At Rest Encryption - Customer data is stored on servers that are encrypted at rest to prevent unauthorized access.
  • Backup Encryption - Nightly backups are performed and kept in an encrypted state for added protection.

OPERATIONAL SECURITY

  • Backups - Client data is backed up daily, with encrypted and geo-redundant storage for disaster resilience.
  • Business Continuity - EDS maintains a comprehensive business continuity program, ensuring minimal disruption in the event of a disaster.

IDENTITY AND ACCESS CONTROL

  • Single Sign-On (SSO) - We offer various SSO integration options for seamless authentication.
  • Multi-Factor Authentication (MFA) - Our solutions support MFA, enhancing security and reducing the risk of unauthorized access.

VENDOR MANAGEMENT

  • Selection - We carefully evaluate and select vendors based on strict security and compliance standards.

INCIDENT MANAGEMENT

  • Breach Notification - In the event of a data breach, we follow strict internal procedures to promptly notify impacted clients and relevant regulatory authorities in accordance with legal requirements.
  • Business Continuity & Disaster Recovery - EDS maintains and exercises a business continuity program to minimize disruptions to our clients should a disaster strike.

CONTACT US FOR ADDITIONAL INFORMATION

If you have questions or concerns about EnviroData Solutions, Inc.’s security practices, please contact our Legal Department (Click Here To Email Us) or write us at:

EnviroData Solutions, Inc.
1499 West 120th Avenue, Suite 110
Westminster, CO 80234
(720) 547-5102
https://www.ecesis.net/

What Is Ecesis?

Ecesis is a leading EHS Software Solution that has been helping companies around the world reach their EHS goals since 1993.

Get in Touch

1499 West 120th Avenue
Suite 110
Westminster, CO 80234
(720) 547-5102 (866) 733-6912 Click To Email Us

Connect With Us

EHS Software on LinkedIn EHS Software on Facebook EHS Blog

Copyright © 2025 EnviroData Solutions, Inc.

Terms of Use    Privacy Statement    Cookies