01
Organization Security
All employees in the organization must sign a contract to protect confidential information.
Only authorized employees are able to access identified customer data.
All employees are trained to recognize and understand data security measures.
The Data Security Policy must be defined by top management.
02
Architectural Security
Permission to view employee data is defined and applied differently at each employee level.
User Roles can be created to make User Groups easy to manage.
Access permission for each menu can be defined as required by User Role.
The system can record the history of data edits and changes, including who made them and when.
The system can access important employee data such as salary, bank account and any other relevant data.
Data is encrypted using AES with a key length of 256 bits, the largest key size supported.
Provides the HTTPS protocol for secure communication with the user.
Works with various types of Single Sign-On, i.e. LDAP, SAML, OpenID.
Supports logging into the system with Multi-Factor Authentication (MFA).
Provides a SOX model to support the User Password Management System.
Provides Web Services in an API model, especially for interfacing with other systems.
Supports interfacing with other systems securely via SFTP.
The PDPA Service Center System is designed to control permission to access personal data.
The system is certified to the OWASP Standard.
03
Data Center Security
Multiple layers of authentication for server area access
Biometric authentication for critical areas
Camera surveillance systems at key internal and external entry points
24/7 monitoring by security personnel
Provides a backup system for both data and applications.
Provides warning messages to guard against unauthorized access and hackers.
Provides a firewall system for each server group to protect against system hackers.
System Lock is available so that access is accepted only from an authorized IP.
Encrypts communication between web browser and web server using HTTPS.
Certified to the ISO/IEC 27001 and ISO/IEC 20000-1 standards.
A fire alarm system is provided.
Includes a system to protect against power shortage.
Provides Internet links through more than one hub.