We at ECHO take data security very seriously. All your data is secured and encrypted using best-in-class technology. Your data may be accessed only by authorized personnel from ECHO India and ECHO Institute, and is never shared with any 3rd party. Read our Terms of Use and Privacy Policy for more information.
<aside>
⚠️ Your password is stored in an encrypted format. ECHO employees cannot view your password, and we will never ask you for your password or one-time-passwords (6-digit code). In case you are contacted by an individual asking you for your iECHO password or OTP, please contact iECHO support immediately.
</aside>
Secure Cloud Infrastructure
- We use best-in-class server infrastructure technology from our partner AWS (Amazon Web Services)
- Our systems have been audited by an independent third party cybersecurity consulting firm
State of the art encryption and anonymization
- All data transfer within ECHO systems is encrypted using latest TLS security protocols and is never shared with any 3rd party
- All reporting and aggregated analytics data is automatically cleaned and all personally identifiable information is removed from ECHO’s internal reporting systems
Secure-by-design — robust user authentication
- All users on iECHO have to authenticate themselves using either an email ID or a phone number, verified with a one-time-password (OTP)
- This restricts unknown participants from entering the Zoom session and potentially disrupting the ECHO operations (Read more about Zoombombing)
Data Security & Data Privacy Framework
- At present, iECHO is compliant with data protection and data privacy laws in the jurisdiction of United States and India.
- Note for India users: We have noted and are implementing the latest cybersecurity guidelines as specified by the Indian Computer Emergency Response Team (CERT-In) 2022.
- We are working with legal counsel to ensure we can provide legal compliance in other global jurisdictions in due time.
- Log management: We maintain de-identified system logs of all network activity in our systems for audit purposes
- Incident management: We follow the NIST (National Institute of Standards & Technology) 5 step framework for cyber-incident response and management