Security Policy

Security is fundamental to us

EHP International Limited meets all industry standards to safeguard your data. We use a variety of methods to secure our network and servers as well as our software and web applications. Our data retention and business continuity plans are comprehensive and our employees maintain organizational security measures designed to keep your data safe.

Network and server security

Network infrastructure is segregated into levels of information classification with strict routing, firewalling, and access control links that separate each privilege level.
Network infrastructure undergoes regular internal audits that are augmented by semi-regular third-party audits and penetration testing.

Our information security team performs regular software updates throughout the EHP infrastructure to remain up-to-date on software security patches.

Software and web application security

Web APIs and web pages are secured TLS and up to date security configurations.
Industry-standard (symmetric and asymmetric) encryption algorithms with appropriately sized keys are used to protect sensitive Customer Information.

EHP applications undergo regular internal source code audits. Internal audits are augmented by semi-regular third-party audits.

Standards and leading practices identified by independent security organizations (e.g., OWASP) are integrated in to all Simple code creation processes.

Data retention & Disaster recovery

Data is aggressively archived and EHP performs regular offsite backups to ensure redundancy.
EHP services are designed to tolerate failures in supporting infrastructure while maintaining continuity of operations; we place a high priority on redundancy and ensuring maximum availability of our services.
EHP follows industry standard incident response procedures with a dedicated incident response team.

You may also contact us with any security concerns, or security suggestions at security@ehpinternational.com.