Data security
teamecho is certified with the Cyber Trust Austria Label, the Austrian label for cyber security. It is based on the Cyber Risk Rating Scheme, which was developed by the Competence Center Safe Austria in cooperation with KSV1870.
Data protection and data security
1. Access data
1.1 All system accesses are secured according to the latest standards
• Minimum length of passwords
• Non-reversible cryptographic encryption (bcrypt hash, random salt)
• Runtime smoothing & noise insertion against side channel attacks
• Protection against brute force attacks by limiting the number of login attempts
2. Data transmission
2.1. Encrypted transmission of the data
• AES 256-bit SSL transport encryption
• https symbol in the browser to avoid phishing
3. Data storage
3.1. Server location in the EU
• Hosting with the company Hetzner in Germany
• Hosting with the company Microsoft in the EU
3.2. Anonymized data storage
• Survey results and comments are not reattributable to individual users (log files without session/user information, random initialization vector)
• Encrypted storage of all data (AES-256-bit)
3.3. Virtual server security
• State-of-the-art protection against unlawful access
• Regular security updates to avoid security threats
3.4. Physical server access controls
• Electronic access control system with logging
• Documented key allocation to employees
• Video surveillance at the entrances and exits
3.5. Data loss prevention
• Early fire detection system at the server site
• Regular encrypted backups in two additional locations
(Offsite encrypted backup)
3.6. Regular employee training on the subject of data protection
• Avoidance of data leaking
• Raising awareness of social engineering
