We have very well-defined security policies supported by various documents to ensure the security & confidentiality of client data. Therefore, we have developed a security policy which encompasses both physical and logical security as below:
- High level of Physical security at the premises with biometric access control system for access to work area.
- Restricted access to individual desktop by each user.
- Mobile phone usage policy restricts its usage outside the work area.
- CCTV surveillance of premises on a 24x7 basis
- Before recruitment of an employee proper reference check is done and documents & photocopy of ID proof is taken at the time of joining.
- Non-disclosure and service agreement is signed with employees at the time of employment.
NETWORK AND DATA SECURITY:
- Firewall controlled Network for computer network & data security.
- Restricted access to data resources on the file server. This ensures that only authorised persons can access the relevant data.
- All applications and windows user login credentials are also stored in encrypted form under a password manager with access to company’s directors / IT Manager only.
- Endpoint Vulnerability Management: Workstations are very easy targets for hackers. To avoid any nightmare, our IT team system makes sure that all the workstations are having latest windows OS patches, security updates and other application updates, as a part of our proactive Endpoint Vulnerability Management policy.
- We follow the policy of no personal devices (e.g. smartphones, laptops, iPad etc.) integration / connectivity with company’s network. This will ensure users are not getting into unsafe domains and websites that could, cause havoc by opening the company up to web – based malwares, spear fishing etc.
- For secure exchange of emails with our clients, we use SMTP (Simple Mail Transfer Protocol) with SSL/TLS by google cloud platform.
- Media like USB, CD or DVD ROM are disabled in all our running workstations.