Data Security, Confidentiality, Privacy

General Security Governance

  • ISO 27001 and ISO 9001 certified
  • Have an Information Security Officer who is formally accountable for information security
  • Security Program is audited by an independent third-party periodically
  • Periodical penetration tests on all systems are performed by the third-party
  • Securities of vendors and/or sub-contractors are accessed
  • Incident response procedure is in place
Indian Muneem
Indian Muneem

Resource Security

  • Background checks of employees before joining.
  • Regular staff training on the current security system and best practices.

Physical & Environmental

  • 24x7 Surveillance CCTV systems are installed & only CEO & COO or authorized to have access to the CCTV System
  • 24x7 Security Guards at entry & exit gate
  • Screening of visitors/employees by a security guard during entry and exit for data storage media like CD’s, USB drives, etc.
  • USB drives and CD's are banned from the work-floor.
  • Entry & Exit Registers
  • Physical Login Register
  • Biometrics Time Attendant Systems
  • System for Physical Security breaches and conditions under which such breaches are notified to clients
  • 100% Power Backup
  • Proper monitoring systems for power supply, HVAC, temperature & other environmental controls in place
  • Full-fledged Fire Control Systems in place
Indian Muneem
Indian Muneem

Network

  • Configuration Guidelines for Network Equipment in place.
  • Firewalls in place.
  • Firewall Analyzer in place.
  • Use of secured line (128 bit SSL) to access and transmit data (images) from servers.
  • Segmented LAN with firewall protection.
  • All ports except DNS and SMTP servers are disabled from the external world.

System

(I) Server

  • Latest Windows Operating System & kept them updated through updates and security patches
  • Antivirus in place
  • Login Records maintained.
  • Real-Time Backup of all data done regularly either in client’s server farms or our data servers depending on client choice

(II) Computers/ Laptops

  • Latest Windows Operating System & kept them updated through updates and security patches
  • Antivirus in place
  • Client Login Records maintained
  • Access to source documents is restricted to authorized employees only
  • No fax and printing capabilities at the processing site
  • PCs used for processing do not have CD ROM drives
  • PCs used in processing are denied web access
  • Limited usage of paper on the work-floor
Indian Muneem