Our Security Commitment
At Eskit, security is not just a feature—it's a core principle. We understand that you trust us with your sensitive business data, and we take that responsibility seriously. Our comprehensive security program is designed to protect your information at every level.
This page outlines the key security measures we implement to keep your data safe. We continuously update our security practices to address new threats and vulnerabilities.
Data Protection
Your data deserves the highest level of protection. Here's how we safeguard it:
- Encryption: All data is encrypted both in transit (using TLS) and at rest using industry-standard AES-256 encryption.
- Secure Data Centers: We host our services in ISO 27001 certified data centers with 24/7 security monitoring, environmental controls, and redundant power supplies.
- Data Segregation: We employ strict data segregation to ensure your information remains separate from other customers' data.
- Backup Systems: Regular backups are performed with comprehensive disaster recovery procedures to prevent data loss.
- Data Minimization: We only collect and store the data necessary to provide our services.
Application Security
Our platform is built with security at its foundation:
- Secure Development: We follow secure coding practices and conduct regular code reviews.
- Vulnerability Management: Regular automated and manual security testing, including static code analysis and penetration testing.
- Dependency Scanning: We monitor and promptly update third-party libraries to address security vulnerabilities.
- API Protection: All APIs are secured with strong authentication and authorization controls.
- Input Validation: Strict input validation and output encoding to prevent injection attacks.
Infrastructure Security
We've implemented multiple layers of security across our infrastructure:
- Network Security: Firewalls, intrusion detection systems, and network segregation to protect against unauthorized access.
- DDoS Protection: Advanced protection against distributed denial-of-service attacks.
- Server Hardening: All servers are hardened according to industry best practices with minimal attack surface.
- Continuous Monitoring: 24/7 automated monitoring for suspicious activities and potential security incidents.
- Vulnerability Scanning: Regular scans for security weaknesses in our infrastructure.
Access Controls
We enforce strict access controls to prevent unauthorized use:
- Authentication: Strong password policies, multi-factor authentication, and secure session management.
- Authorization: Role-based access control (RBAC) ensuring users only access data they're authorized to see.
- Principle of Least Privilege: Employees are only granted access to the specific systems and data necessary for their job functions.
- Access Reviews: Regular reviews of access privileges to ensure appropriate permissions.
- Secure Remote Access: VPN and other secure methods for employee remote access.
Organizational Security
Security extends throughout our organization:
- Security Team: Dedicated security professionals responsible for our security program.
- Background Checks: All employees undergo background checks before joining Eskit.
- Security Training: Regular security awareness training for all team members.
- Incident Response: Documented procedures for addressing security incidents quickly and effectively.
- Vendor Management: We assess the security of our vendors and require them to maintain appropriate security controls.
Compliance and Certifications
We align our security practices with industry standards:
- GDPR Compliance: Our practices are aligned with the requirements of the General Data Protection Regulation.
- Regular Audits: We conduct regular internal security audits and third-party assessments.
- Industry Standards: Our security program follows frameworks such as ISO 27001 and SOC 2.
Security Monitoring and Incident Response
We maintain vigilance against security threats:
- 24/7 Monitoring: Continuous monitoring of our systems for security events.
- Incident Response: A formal incident response plan with defined roles and procedures.
- Regular Testing: We conduct regular incident response exercises to ensure readiness.
- Post-Incident Analysis: After any security event, we perform detailed analysis to prevent future occurrences.
Security Best Practices for Users
While we implement comprehensive security measures, security is a shared responsibility. We recommend that you:
- Use strong, unique passwords for your Eskit account
- Enable multi-factor authentication
- Keep your devices and browsers updated
- Be cautious of phishing attempts and suspicious emails
- Review and manage user access regularly
- Train your team on security awareness
Reporting Security Concerns
If you discover a security vulnerability or have concerns about Eskit's security, please contact us immediately at security@enetricity.com.
We take all security reports seriously and will investigate promptly.
Contact Us
For more information about our security practices or to discuss specific security requirements, please contact us at:
Email: security@enetricity.com
Phone: +32 495 26 36 36