Ranging from startups to established organizations, many customers use our products and services. This places a heavy responsibility on us, driving us to maintain data security and compliance with global regulations so that you can trust us with your privacy and security needs.
At eComNeo, a Mobius venture, we follow an agile mode of development, where deliverables are released in patches and continuously integrated to meet both business demands and security agreements.
eComNeo prioritizes security by implementing robust measures to protect user data, system resources, and the overall application from various threats. Security is an ongoing process at our organization, and we remain committed to continuously evaluating and improving our security measures to adapt to evolving threats.
24x7x365 video surveillance: Mobius office is under 24x7x365 video monitoring both at the premises level and floor level to ensure only authorized individuals access the building and the office. This is covered by Security guards, Biometric Access, and fire/smoke alarms.
Two-factor authentication: Only authorized personnel can enter the Mobius workstation. Smart card readers and security guards are present both at the premises and floor level, which makes it impossible for any unauthorized person to enter.
Visitor policy: Visitor policies are rigidly adhered to by all our employees. Our security guards are informed in advance about any visitors, and a proper letter has to be produced for them to enter the office. Any visitor is always accompanied by our employee both inside the building and in the office.
Business continuity: All the data and applications are hosted in industry-leading Amazon Web Services and in Microsoft Azure, whose data centers have been thoroughly tested for security, availability, and business continuity.
We utilize two major cloud providers, Azure and AWS, and we offer geographically diverse infrastructure, increasing resilience against regional outages or disasters. If one cloud faces issues, the other can act as a backup, eliminating downtime and data loss. Access to a wider range of services and technologies across both platforms accelerates innovation and development.
Our network is well-updated with the latest version of firewalls and antivirus software to protect all internal and external communications, to detect and alert any intrusions in case of any threat. Multi-factor authentication is always required to access any production system. Logs are maintained and reviewed periodically to mitigate any incidents.
The NOC and SOC teams monitor the infrastructure 24x7 for stability, intrusions, and spam using a dedicated alert system. Our in-house IT team performs vulnerability tests and penetration tests every 90 days. All the data transmission is done through Transport Layer Security (TLS 1.2 & above) and Hyper Text Transfer Protocol Secure (HTTPS). We make sure no sensitive data values are stored in clear text.
We retain customer-related data using your personally identifiable information (PII) till your account is active or as per your request. We gather PII with your work mail ID and contact name when you sign up for our services. We do not disclose your information to anyone as part of our Privacy Policy. In addition to complying with our legal obligations, we resolve disputes and enforce our agreements. Once your service agreement term gets over, we delete all your data as part of the SOD (statement of destruction) policy.
Our technical experts have access to sensitive customer data for the effective development of the application. Access to customer data is provided over two-factor authentication and stored in a VPN. All access is logged, and no unauthorized person is allowed to obtain the customer data.
Mobius Knowledge Services is committed to ensuring the confidentiality, integrity, and availability of its critical information assets and business processes, and minimizing disruptions during the execution of its core and supporting business operations.
ISO/IEC 27001 is the best-known standard for an information security management system (ISMS) and is awarded to organizations that comply with ISO's high international standards. Mobius has acquired ISO/IEC 27001:2013 certification for applications, systems, people, technology, and processes.
ISO 9001 is a standard for quality management systems (QMS) and is awarded to organizations that comply with global standards. Mobius has acquired ISO 9001: 2015 certification for products and services that meet customer requirements and assurance.
NIST is the National Institute of Standards and Technology, a bureau that promotes and maintains measurement standards. It ensures organizations develop and maintain applications according to industry standards. Mobius is NIST-accredited.
Soc 2 is an auditing procedure that ensures service providers securely manage customer data to protect the interests of the organization and the privacy of its clients. SOC 2 is an evaluation of the design and operating effectiveness of controls that meet the AICPA's Trust Services Principles criteria. Mobius is SOC 2 Type II compliant.
Cyber Essentials is a certification acknowledged by the UK government to help businesses prevent cyberattacks and protect sensitive data. It ensures strong security for networks, devices, and access controls. Mobius is Cyber Essentials Certified.
For more information on our security policy and certifications, please contact dpo@mobiusservices.com or security@mobiusservices.com.
If you believe you’ve discovered a bug in our security, please get in touch at security@mobiusservices.com, and we will get back to you within 24 hours or earlier. We request that you refrain from publicly disclosing the issue until we have had a chance to address it.