CCRManager takes online security very seriously. We design our solution to meet the enterprise risk management standards of financial institutions. Our technology and security approach follows MAS Technology Risk Management (TRM) guidelines and our implementation has been audited by external auditor to be satisfactory in meeting those guidelines.
Data Security and Protection
We understand that data confidentiality, integrity, and availability is critical for our customers. We have taken measures to comply with regulatory standards and to ensure that your data is only available to the users and entities that you authorize. All sensitive data is encrypted in transmission and at rest. Application data is stored on a database with Highly-Available configuration. Additionally, user activities on the CCRM platform are logged and time-stamped, allowing auditing when necessary.
CCRManager's infrastructure is hosted in multiple Tier III data center facilities to protect against disaster scenarios. Each data center has N+1 redundancy architecture to ensure reliability. Physical access to the facilities is strictly controlled by professional security staff and recorded for audit-ability.
Our infrastructure configuration also incorporates redundancy in all components to ensure system availability in event of component failure. System access to CCRManager's servers are controlled through secure Management Zone, incorporating multiple layers of logical and physical security protections. All systems are monitored around the clock and any incidents will trigger alerts, allowing support team to respond quickly.
We actively monitor and block traffic (where required) to our websites that has been flagged as suspicious. Our threat-management approach uses next-generation firewalls (NGFW), intrusion detection systems, anti-malware, distributed denial-of-service (DDoS) attack prevention, behavioral analytics, and anomaly detection to constantly strengthen our defense. We force HTTPS (Hypertext Transfer Protocol Secure) for all transmissions between users and our platform, applying industry-standard protocols to encrypt data in transit.
Support and access to customer data
CCRManager's support team performs server access only for the purposes of system health monitoring, maintenance, or upon customer request. No personnel has ability to access customer data unless explicitly granted by the customer. If access grant is given, authorization is done formally via four-eye principle and all actions performed are recorded with audit trails.
Want to know more?
Need help to explain further? Or to expand more technical explanation? Drop us a note for us to assist.
We explain how information is handled in CCRM to protect your privacy
Tips on Protecting Yourself Online
Additional tips to enhance cyber security at personal level.