security
entomo is dedicated and committed to the highest standards of security for our customers. 30mn+ users and 1.4mn+ businesses worldwide from global marquee brands trust us with their data
ISO 27001
entomo is an ISO 27001 information security certified company
EU GDPR
entomo is GDPR compliant. personal information managed by entomo follows the latest EU laws
our commitment to security
defense in depth security
- entomo follows the ‘Defense in Depth security’ approach, in which a series of security mechanisms and controls are put throughout various layers (Perimeter/ Network/ Infrastructure/Application/Data) to protect the confidentiality, integrity and availability of the network and the data within
application security
- we follow a complete change management process and have set necessary controls at each stage of SDLC covering design, development, deployment, support, and maintenance
- entomo adheres to OWASP guidelines for application development
- RBAC (Role Based Access Control) is followed at entomo
- user activities within our product are available in audit logs
- penetration tests - entomo performs vulnerability & penetration tests internally before every release to ensure validity and legitimacy, besides working with global third-party security experts
- entomo supports MFA through SSO
- all encryption keys are securely managed and stored using AWS KMS
data security
- data in transit and Data at rest are encrypted
- data Classification is done accurately
- we enable data access controls that align with the least-privilege principle
- accounts and permissions are reviewed on a regular basis
- we have baked in Data leak prevention capabilities into our product
- entomo follows a complete automated Customer off-boarding process for Data Destruction, and we provide the clearance certificate of data erase
network security
- firewalls have been put in place to protect the perimeter of our infrastructure
- network segmentation is done
- our infrastructure is hosted in AWS VPCs
- entomo has implemented SIEM for collecting event log data from a range of sources, which identifies activity that deviates from the norm with real-time analysis, and takes appropriate action
corporate security
- we have established a well-defined Information security policy covering all areas of ITSM
- entomo engineers are regularly trained on industry’s leading security best practices with security at the core of all our endeavors
- we have well defined Incident Management Process Escalation Procedures in place for all IT System issues , Application issues and Security Incidents
audits
- entomo performs information security and privacy audits internally and externally annually
frequently asked questions (FAQ)
security questions or issues?
multilingual support
English, Chinese, Korean, Japanese, Bahasa, Thai, and Arabic
onboarding, onsite rollout support
ISO 27001, SOC 2 certified
SSO/SAML supported
