Our ISO/IEC 27001 standard provides guidance for establishing, implementing, maintaining and continually improving an information security management system. Security is our highest priority
Our platform has been designed from the ground up to exceed industry security requirements.
As a myosh customer you have the flexibility to invite users into your account to collaborate on your data, and the person that holds the subscription has control over who has access and what they are able to do.
We provide standard access to the myosh software using a unique username and password. Additionally, we support integration with Single Sign On (SSO) systems that allow organisations to apply their own Multi-Factor Authentication (MFA) and other authentication controls.
We encrypt all data that goes between you and myosh using the industry-standard SSL/TLS, protecting your personal, confidential and safety data. Your data is also encrypted at rest when it is stored on our servers, and encrypted when we transfer it between data centres for backup and replication.
myosh takes a defence-in-depth and breadth approach to protecting our systems and your data. Multiple layers of security controls protect access to and within our environment, including firewalls, intrusion protection systems and network segregation. myosh’s security services are configured, monitored and maintained according to industry best practice. We partner with industry-leading security vendors to leverage their expertise and global threat intelligence to protect our systems.
Our virtualised infrastructure is located within enterprise-grade hosting facilities that employ robust physical security controls to prevent physical access to the servers they house. These controls include 24/7/365 monitoring and surveillance, on-site security staff and regular ongoing security audits. myosh maintains multiple geographically separated data replicas and hosting environments to minimise the risk of data loss or outages.
myosh’s cybersecurity team continually monitors for threats to the system, including event logs, notifications and alerts. Also, myosh’s Information Security Management System is certified against the ISO 27001:2013.
AWS environments are continually monitored and audited, with certiﬁcations from accreditation bodies across geographies and verticals as part of AWS ongoing compliance with SOC, PCI DSS, ISO 27001:2013 and FedRAMP.
Penetration tests are performed by independent, CREST-certified providers.
Tests that are performed include TOP 10 OWASP, Most Critical Web Application Security Risks, OWASP Testing Guide v4, CWE/SANS TOP 25 Most Dangerous Software Errors.
We use highly fault tolerant and redundant services wherever possible to achieve a high level of availability. These ensure that if any component fails, myosh will keep on running – with little or no disruption to your service.
myosh has been designed to grow with your business. Our highly scalable infrastructure ensures we can deliver a quality and responsive service to you and our global users.
myosh performs real-time data replication between our geographically diverse, protected facilities, to ensure your data is available and safely stored. This means that should even an unlikely event occur, such as an entire hosting facility failure, we can switch over quickly to a backup site to keep myosh and your business running.
We’re constantly enhancing myosh, delivering new features and performance improvements. Updates are delivered frequently, with the majority of them being delivered without interrupting our service and disrupting users.
A phishing email is a favoured way for cyber criminals to get access to your sensitive information, such as your usernames and passwords, credit card details, bank account numbers, etc. This kind of email may look as if it has come from a trustworthy source, but will attempt to trick you into:
Once you are hooked, the cyber criminal may be able to steal or extort money from you, or gather sensitive personal or business information that they can use for other attacks. However, you can protect yourself and your business by being aware of these scams, and by knowing what to look for that may help you identify a malicious email:
These are just a few of the things to watch out for. There’s a lot more information and tips available on the web. But even if there’s nothing specific you can point to, the email may just not “feel” right. Trust your instincts, and don’t get hooked.
If you suspect you’ve received a phishing or malicious email, and it says it’s from myosh or uses myosh’s logo, do not click on anything in the email – please report it by forwarding the email to email@example.com.
Try to avoid a phishing attack by following these rules
If you receive a suspicious email make sure you: