Skip to content
English - United States
Sign in
Contact us
  • There are no suggestions because the search field is empty.

EHS-Dashboard™ Site Security Information - January 2025

Cloud-Based Hosting

The EHS-Dashboard™ is hosted on Google Cloud Platform (GCP) infrastructure, which meets an extensive range of global security and compliance standards, including:

  • ISO 27001, ISO 27017, ISO 27018

  • SOC 1, SOC 2, SOC 3

  • PCI DSS

  • FedRAMP

  • HIPAA (for applicable workloads)

  • Australian Signals Directorate (ASD) Information Security Manual

  • Singapore Multi-Tier Cloud Security Standard (MTCS SS 584)

For detailed information on Google Cloud compliance with these and other standards, refer to the Google Cloud Compliance webpage.

Google Cloud’s infrastructure is designed to provide one of the most secure, resilient, and high-performing computing environments available. Key security benefits include:

  • Data Center Security: Housed in Google’s state-of-the-art data centers with multiple physical security layers, biometric access controls, and 24/7 monitoring to ensure data protection.

  • Network Monitoring: Protected by Google’s global-scale, AI-enhanced network monitoring and DDoS defense systems.

  • Resiliency: Data centers located across multiple global regions and availability zones provide high resiliency and disaster recovery capabilities.

  • Data Backup: Redundant and geographically distributed storage with continuous data replication safeguards against outages or data loss.

  • Redundancy: Application and database servers operate in redundant configurations, ensuring high availability and continuity in case of hardware or network failures.

For more details on Google Cloud infrastructure security, visit the Google Cloud Security webpage.

Application Layer

The EHS-Dashboard™ is built on the Ruby on Rails (RoR) framework, known for its stability, performance, and robust security features. The application’s design and development follow industry-standard security practices to protect user information and address known web application vulnerabilities.

To enhance security, the EHS-Dashboard™ team:

  • Regularly audits system security to identify and remediate vulnerabilities.

  • Incorporates frequent updates and patches to guard against newly discovered threats.

  • Leverages Rails’ built-in security mechanisms, including protection against SQL injection, cross-site scripting (XSS), and cross-site request forgery (CSRF).

For more information on Ruby on Rails security features, refer to the Ruby on Rails Security Guide.

Secure Sockets Layer (SSL)

The EHS-Dashboard™ employs a digitally verified SSL/TLS certificate to encrypt all communications. This ensures:

  • 256-bit Encryption: All client information exchanged over the HTTPS protocol is encrypted to prevent unauthorized access or tampering.

  • Data Integrity: Protects transmitted data, ensuring it remains intact and unaltered during transfer.

For more information on SSL/TLS encryption, refer to the Google Cloud SSL/TLS Overview.

Commitment to Future Certifications

While the EHS-Dashboard™ team currently leverages the security measures provided by Google Cloud Platform and industry best practices, we are actively pursuing direct certifications in relevant security standards to further strengthen our commitment to data protection.