SECURITY POLICY – AGHRMS (MY)

In today’s technology-driven society, companies face increasingly complex cybersecurity threats which can potentially put confidential information such as employee data, client information and intellectual property at risk.

Security consists of both Cybersecurity and Physical Security.

AGHRMS (MY), by AGHRM Malaysia Sdn Bhd, is certified with ISMS ISO 27001:2013 and is 100% compliant with recognized Cloud Security requirements and standards of international HR Softwares and AWS Assurance Compliance programs today.

These Assurance & Compliance Programs indicate that AGHRMS (MY) has a thorough and detailed IT and Software Security Management System in place, to keep clients’ data and information safe, secure and confidential.

AGHRMS (MY) is awarded the Data Protection Trustmark (DPTM) certification by the Infocomm Media Development Authority of Singapore (IMDA).

This means that all Clients’ Personal Data and Employee Information is managed in a responsible manner with 100% security and full confidentiality.

AGHRM Malaysia Sdn Bhd stores all client data and information and hosts its’ AGHRMS (MY) Cloud HR Software on Microsoft Azure, which provides multi-layered top security across operations, infrastructure and data centers.

All passwords are encrypted with a secret cryptographic key and a cryptographic hash function.

Our data center is located in Singapore:

AG Net Pte Ltd [Singapore Headquarters]
57 Ubi Ave 1
Ubi Center, #05-05
Singapore 408936
Tel: (65) 6844-8712
Email: sales@aghrm.com
Company Registration UEN Number: 200603625R3. SECURITY THREATS AND VULNERABILITY MANAGEMENT

AGHRM Malaysia Sdn Bhd conducts a yearly Vulnerability Assessment on AGHRMS (MY) and its IT systems and networks, to identify issues and potential threats, in order to protect critical data and ensure AGHRMS (MY) is not exposed to cyberattacks.

AGHRM Malaysia Sdn Bhd also conducts a quarterly Penetration Test on its’ IT infrastructure and applications to proactively identify and correct any security weaknesses quickly and in a timely manner.

Users can log into their AGHRMS (MY) Cloud HR software portal via Username and Password. AGHRM (MY) helps companies enforce IT Security with Password Policy Tools:

  • Password Length: 4 – 14 Characters
  • Warning Before Password Expiry: 3 Days
  • Available For Configuration
  • Enforce Password History
  • Enforce Complex Password
  • Configure Password Age (In Days)
  • Number of Passwords To Remember: Up To 20 Passwords

Authentication Requests are performed using a one-way hash to ensure password security.

Clients can configure different access levels and set limits on each employee’s usage of the portal. AGHRMS (MY) undertakes not to access client’s information unless the Client’s initiates a request for assistance via our Support Ticket system, email or phone call.

AGHRM Malaysia Sdn Bhd shall actively hold information and data in clients’ accounts securely for as long as the client uses AGHRMS (MY) Cloud HR Software.

Termination of Client accounts: Once a client account is terminated, any information and data relating to the client will be permanently deleted after 30 days from the termination date. AGHRM Malaysia Sdn Bhd shall give each client prior notice before the said deletion.

Information Security (IS) refers to confidentiality, integrity, accessibility and protection of Data from threats and malicious intent.

All clients shall receive such training throughout their term with AGHRMS (MY). During Onboarding, clients will be notified and reminded on Secure Data Protection and Management.

To ensure safe handling and storage of data, AGHRMS (MY) urges all clients to draft and enforce their own Internal Security Policies, SOPs from time to time, and identify potential security issues and adhere to best practices in IT and Data Security.

AGHRM Malaysia Sdn. Bhd has in place, a thorough step-by-step Crisis Management Process for resolving any breaches or incidents where Data Confidentiality might be compromised.

In the actual event of a breach, AGHRM Malaysia Sdn Bhd and AG Net Pte Ltd (Singapore Headquarters) will immediately conduct a thorough investigation and Assessment.

If the breach could potentially result in significant harm or impact to the affected person(s) where the Personal Data or Information relates, our Support Team shall notify them within 72 hours.

AGHRM Malaysia Sdn Bhd is committed 100% to keeping all clients’ data safe and secure by adhering to the best industrial systems and practices in IT and Data Security.

For more information on our Cloud HR Software Security, Breach, and Data Protection, please contact our AGHRMS (MY) Data Protection Officer at sales@aghrm.com.

AGHRM Malaysia Sdn Bhd recognizes the critical importance of cybersecurity than ever before.

The company proactively takes steps to continuously enhance our HR Software in keeping up with today’s HR trends, along with preventive measures and new software features to protect against or resolve any cyberattacks and security incidents in a timely manner.