Security at Vymo
We take the security and availability of your data seriously.
- Encryption in transit with SSL/TLS protects data transmitted between you and Vymo.
- Central User management for administrators.
- IP address based white listing and range restrictions.
- User credentials encryption.
- Session Timeout, Vymo times out user sessions if the application is left inactive for configurable time.
- Option to put a imit on simultaneous session(s).
- Increaseing the Entropy of session IDs makes sessions less vulnerable.
- Adoption of OWASP Top Ten into the software development culture.
- IMEI # based authentication.
- Rejects compromised devices.
- TTL for cached pages on mobile devices.
- Session timeout support in offline mode.
- Ability to delete data remotely for disabled users.
- Vymo is EU-GDPR Compliant.
- Security practices at Vymo are verified by Third Party Vendors and Audits are conducted at regular intervals.
- Vymo is SOC2 Type II compliant. Vymo is ISO/IEC 27001:2013 certified and all operational processes have been audited by an external accrediated agency and certification body.
- Vymo uses TLS v1.3 and PGP to facilitate privacy and data security for communications.
- Protection from complex security attacks using SSL Certificate Pinning.
- Enterprise-grade protocols like AES-256 are put to use to encrypt sensitive PII.
- Comprehensive Rights Management Services, preventing access without right user credentials.
- Ability to mask sensitive data
- Option to not allow any caching of data
- Industry Standard Approach to safeguard Production Keys
- Stringent organizational level controls are followed to ensure safety of PII and supplementary data within the organisation.
- Policy protecting data from third-party use
- Activity log maintenance that tracks all user activities.
- If you choose to leave, you leave with your data.
- Vymo will not use your data for any marketing or advertising purposes.
- Vymo makes the code harder to understand and uses tools that prevent code inspections.
- Vymo doesnt store any password or authentication keys.
- Regular audits are conducted and system is tested by various parties in various areas like Cloud Secure Network Achitecture(SNA) audit, Blackbox application testing and other core areas.
- IP Address Range restrictions
- ISO 27001
- PCI Level 1
- FISMA Moderate
- Sarbanes-Oxley (SOX)
- Firewalls, DDoS mitigation, Port scanning
- Customer Application Isolation
- Robust Data Center Disaster Avoidance and Recovery Policy in place
- Your data is saved in two localized data centers.
- Backups are taken daily
- Escalation matrix defined and provided to key stakeholders for quick resolution
We recommend Vymo web app users to check with their system administrators to ensure
the following system and browsers are available.
Operating System Requirements
Ensure your computers are installed with one of the following operating systems:
- Windows 7.0 or Higher
- OSX Yosemite or Higher
Supported web browsers:
- Google Chrome version 52 or above
- Microsoft Edge
- Internet Explorer 11
Browser Feature Requirements
Depending on the browser of your choice, you must have the following browser features enabled:
- Cookies must be enabled
- LocalStorage must be enabled
- HTTPS – TLS v1.1 or Higher
Vymo is fundamentally changing the way financial services work.