Is the AyMINE secure system?

• Key elements of security in a nutshell
  • Protecting worker misuse
  • Protection against abuse by system administrators
  • Protection from misuse by developers
  • Protecting the server itself
• About security in more detail
  • No one has access to the data
  • No other client can get to the data
  • The data is in the EU

AyMINE has been developed according to corporate security standards and is also used by companies certified according to ISO27000/TISAX standards.

No company or prudent person will entrust data and processes to somewhere they don't trust. We are very aware of this and do everything we can to make AyMINE a secure environment.

Key elements of security in a nutshell

Did you know that 80% of data leaks and intrusions are caused by your own employees? We know those, and we've secured the system accordingly.

Protecting worker misuse

• Two-factor login
• Strict authorization control
• Strict rules for setting user privileges
• Detailed differentiation of write and read permissions
• Impossibility to access data outside of controls.

Protection against abuse by system administrators

• Administrators cannot access data
• It is not possible to track the data - which employees work with - the data is not logged anywhere
• System administration takes place in a completely separate area where there is no way to see any user's data (except to identify individual users).

Protection from misuse by developers

Even a developer has no way to get

• It is not possible to monitor people's behavior by turning on debug
• Debug mode can only be turned on with the user's knowledge - even in this case the worker cannot see the data, only information about the processing in progress

Protecting the server itself

The basis of protection is to minimize accesses and its security

• Administration access is protected by a certificate - it cannot be broken by brute force
• The number of people with administrative access is limited to a maximum
• Administration can only be performed by tribal employees

About security in more detail

No one has access to the data

Even the admin can't get to your project or notes. No one can look into a project or area without being granted permissions, even with the most privileged of permissions.

If an admin wants to grant themselves rights, a record will be created. The same will happen if he wants to quietly disappear. The record is stored in the system and logged, so it can be traced. So he would have to significantly reprogram the application to get into your space.

No other client can get to the data

Even though a single server provides space to multiple clients, there is a solid wall between each client's data due to the logical design of the system. It is not possible to put a query into the database that returns data from multiple clients. Nor is it possible for a logged-in user to impersonate another company's user. The system is designed from the start to make this impossible.

Incidentally, these limitations are also the reason why it is not possible for someone with accounts from multiple firms to view, for example, requests from two firms' projects at once. Nor is it possible to mix e.g. calendars from multiple companies in the system, even if the user has accounts in both.

(It is possible, however, to synchronize calendars from different accounts to a mobile phone, for example. But then the connection happens on your phone, not in the system.)

The data is in the EU

We keep all data in the EU. Czech data is in the Czech Republic, we try to route data from companies in other countries to servers in other countries if there are enough clients to make it make sense to create a server.