CCRManager takes online security very seriously. We design our solutions to meet the enterprise risk management standards of Financial Institutions. Our technology implementation, risk management, and security approach follow the Technology Risk Management (TRM) guidelines from the Monetary Authority of Singapore (MAS). We also engage an external auditor annually to ensure satisfactory compliance with OSPAR guidelines from The Association of Banks in Singapore (ABS).
Data Security and Protection
We understand that data confidentiality, integrity, and availability is critical for our customers. We have taken measures to comply with regulatory standards (PDPA and GDPR) and to ensure that your data is only visible to the users and entities that you authorize. The CCRManager transaction data is stored on a database with a Highly-Available configuration, geographically located in Singapore. Data is always encrypted when transmitted and stored. Additionally, user activities on the CCRM platform are logged and time-stamped, allowing auditing when necessary.
CCRManager is a technology partner of Amazon Web Services (AWS) and we host all our infrastructure on the AWS Cloud. AWS is the market leader in cloud infrastructure and is trusted by the most highly-regulated organizations in the world. CCRManager's infrastructure configuration incorporates redundancy in all components to ensure system availability in the event of component failure. This High-Availability configuration is tested regularly through Business Continuity and Disaster Recovery exercise. System access to CCRManager's servers is managed by a Privileged Access Management system, incorporating multiple layers of logical and physical security protections. Our support team monitors the CCRManager platform around the clock, and any incidents will trigger alerts, allowing a quick response.
We actively monitor and block suspicious traffic (where required) to the CCRManager platform. Our cyber-threat protection uses next-generation firewalls, intrusion detection systems, anti-malware, distributed denial-of-service (DDoS) attack prevention, behavioral analytics, and anomaly detection. We force HTTPS connection for all communication between users and our platform, applying industry-standard protocols to encrypt data in transit. We also perform regular penetration testing and vulnerability scans to ensure our security controls are always current and functioning as intended.
Support and access to customer data
CCRManager's support team only accesses the servers for system health monitoring, maintenance, or upon customer request. No staff can access customer data unless explicitly granted by the customer. If the access grant is given, authorization is done formally via four-eye principle, and all actions performed are recorded with audit trails.
Want to know more?
Need help to explain further? Or to expand more technical explanation? Drop us a note for us to assist.
We explain how information is handled in CCRM to protect your privacy
Tips on Protecting Yourself Online
Additional tips to enhance cyber security at personal level.