We at ECHO take data security very seriously. All your data is secured and encrypted using best-in-class technology. Your encrypted data may be accessed only by authorized personnel from ECHO Institute and ECHO India, and is never shared with any 3rd party. Read our Terms of Use and Privacy Policy for more information.

<aside> ⚠️ Your password is stored in an encrypted format. ECHO employees cannot view your password, and we will never ask you for your password or one-time-passwords (6-digit code). In case you are contacted by an individual asking you for your iECHO password or OTP, please contact iECHO support immediately.

</aside>

Secure Cloud Infrastructure

• We use best-in-class server infrastructure technology from our partner AWS (Amazon Web Services)

• We have implemented best practices in infrastructure security based on the recommendations of the Amazon Cloud Security team, including

  • Strong access controls to sensitive infrastructure components
  • Two factor authentication
  • Private VPCs
  • Encrypted Cloud Storage
  • Regular system upgrades and security audits

  … for further technical details, please contact us at [email protected]

• Our system is periodically audited by an independent third-party cybersecurity consulting firm

State-of-the-art encryption and anonymization

• All data transfer within ECHO systems is encrypted using latest TLS 1.3 security protocols and is never shared with any third party
• All reporting and aggregated analytics data is automatically cleaned and all personally identifiable information is removed from ECHO’s internal reporting systems

Secure-by-design: Robust user authentication and authorization

• All users on iECHO have to authenticate themselves using either an email ID or a phone number, verified with a one-time-password (OTP)
• 2-factor authentication is implemented for sensitive accounts and where suspicious activity is detected
• iECHO implements role-based access control (RBAC) at an organization level. Data of one organization cannot be seen by a user in another organization (hub). In addition, granular role assignments allows hub teams to choose between Owner, Admin, and Member
• This restricts unknown participants from entering the Zoom session and potentially disrupting the ECHO operations (Read more about Zoombombing)

Data Security & Data Privacy Framework

• iECHO is compliant with global standards and compliance for data protection and data privacy. Please find detailed information about the legal compliance in our Privacy Notice.
• Log management: We maintain de-identified system logs of all network activity in our systems for audit purposes
• Incident management: We follow the globally accepted and standard step framework for cyber-incident response and management