General Security Governance
- ISO 27001 and ISO 9001 certified.
- An Information Security Officer is formally accountable for information security.
- Outsourced accounting security audit by an independent agency.
- Periodic penetration tests on all systems are performed by a third party.
- The security of vendors and subcontractors is assessed.
- An incident response procedure is in place.
Robust Security Framework
- 24/7 CCTV Surveillance, Accessible to the CEO and COO.
- 24/7 Security Guards Availability.
- Proper Screening of Visitors/Employees.
- USB Drives and CDs Banned on the Work Floor.
- Physical Login and Biometrics Attendance Systems.
- System for Physical Security Breaches with Notification.
- 100% Power Backup and Proper Monitoring Systems.
- Building-Wide HVAC System.
- Full-fledged Fire Control Systems.
Network
- Configuration guidelines for network equipment are in place.
- Firewalls are in place.
- A Firewall Analyzer is in place.
- A secured line (128-bit SSL) is used to access and transmit data (images) from servers.
- Segmented LAN with firewall protection.
- All ports except those of the DNS and SMTP servers are disabled from the external world.
System
(I) Server
- Latest Windows operating system, consistently maintained with regular updates and security patches.
- Antivirus in place.
- Login records are maintained.
- Real-time backup of all data is done regularly, either in the client's server farms or our data servers, depending on the client's choice.
(II) Computers/Laptops
- The Windows operating system is always up-to-date with the latest updates and security patches.
- Antivirus in place.
- Client login records are maintained.
- Source document access is restricted to authorized employees.
- No fax and printing capabilities at the processing site.
- PCs used for processing lack both CD-ROM drives and web access.
- Paperless work floor.
Resource Security
- Background checks of employees before joining.
- Regular staff training on the current security system and best practices.