As a leading provider of industry specific content and services on the Internet, we are firmly committed to information security. Our infrastructure and network are carefully protected from unauthorized access and security enhancements are constantly being implemented. You can be assured that we take strict security measures (consistent with good and sound industry practice and standards) so as to safeguard and maintain the confidentiality of our customers' personal and company-confidential information.
Our internal network is protected by a secure firewall. All access to the internal network, including dial-in, e-mail and Internet access, are permitted only to authorized users. Computer accounts are password-protected and regular security audits are conducted to ensure that only secured passwords are used. Public domain hacking software is deployed to test internal security measures. Audit trails of Internet access and usage are also kept.
All our staff, as a condition of employment, are required to adhere to and practice strict security guidelines in their day-to-day job functions. An IT Security Policy is in place to ensure that all our staff are educated on the importance of confidentiality and security. In addition, our customers are made aware of our security requirements and are requested to comply.
In general, the more customized the machine the less vulnerable the system becomes. We use highly customized Unix-based servers with only the necessary software and services installed so that they perform the required EC functions and nothing else. The machines cease to be general-purpose machines, and their vulnerabilities are greatly reduced.
Accessibility to our servers is restricted to a limited number of authorized personnel, and passwords are selected based on strict rules. For additional security, our servers are located in highly secured environments that offer state-of-the-art physical security.
While we believe that the security measures which we adopt are consistent with good and sound industry practice and standards, we (like anyone else) cannot guarantee that such measures are "perfect", as "perfect security" does not exist on the Internet.