General Security Governance

  • ISO 27001 and ISO 9001 certified.
  • Information Security Officer, who is formally accountable for information security.
  • The outsource accounting security audit by an independent agency.
  • Periodic penetration tests on all systems are performed by the third-party.
  • Securities of vendors and subcontractors are accessed.
  • An incident response procedure is in place.

Robust Security Framework

  • 24/7 CCTV Surveillance, Accessible to the CEO and COO.
  • 24/7 Security Guards Availability.
  • Proper Screening of Visitors/Employees.
  • USB Drives and CDs Banned on the Work Floor.
  • Physical Login and Biometrics Attendance Systems.
  • System for Physical Security Breaches with Notification.
  • 100% Power Backup and Proper Monitoring Systems.
  • Building-Wide HVAC System.
  • Full-fledged Fire Control Systems.
Robust Security Framework
Network

Network

  • Configuration Guidelines for Network Equipment in place.
  • Firewalls are in place.
  • A Firewall Analyzer is in place.
  • Use a secured line (128-bit SSL) to access and transmit data (images) from servers.
  • Segmented LAN with firewall protection.
  • All ports except DNS and SMTP servers are disabled from the external world.

System

(I) Server

  • Latest Windows & operating system, consistently maintained with regular updates and security patches.
  • Antivirus in place.
  • Login Records maintained.
  • Real-time backup of all data is done regularly either in the client’s server farms or our data servers, depending on the client’s choice.

(II) Computers/ Laptops

  • The Windows operating system is always up-to-date with the latest updates and security patches.
  • Antivirus in place.
  • Client Login Records are maintained.
  • Source document access is restricted to authorized employees.
  • No fax and printing capabilities at the processing site.
  • PCs used for processing lack both CD ROM drives and web access.
  • Paperless Work-floor.
System
Resource Security

Resource Security

  • Background checks of employees before joining.
  • Regular staff training on the current security system and best practices.