Enhanced Security Measures
-
Dedicated Information Security Officer with formal accountability for
information security.
-
Regular security program audits conducted by an independent third
party.
-
Frequent penetration tests performed on all systems by a third-party
auditor.
-
Evaluation of the security measures of vendors and subcontractors.
-
An established incident response procedure is in place.
Security Infrastructure
-
Continuous CCTV Surveillance, Accessible only to Authorized Personnel.
-
Round-the-clock Security Personnel Deployment.
-
Thorough Screening Protocols for Visitors and Employees.
-
Strict Prohibition of USB Drives and CDs on Workplace Premises.
-
Implementation of Biometric Attendance and Physical Login Systems.
-
Robust System for Addressing and Notifying Physical Security Breaches.
-
Uninterrupted Power Backup with Effective Monitoring Mechanisms.
-
Building-Wide HVAC System for Environmental Control.
-
Advanced Fire Control Systems Ensuring Full-fledged Safety Measures.
Strengthened Network Security Protocols
-
Implemented Stringent Configuration Guidelines for Network Equipment.
-
Deployed a Robust Infrastructure of Firewalls.
-
Utilized a Firewall Analyzer for Ongoing Monitoring.
-
Ensured Secure Data Transmission (images) through 128-bit SSL-encrypted channels.
-
Implemented LAN Segmentation with Enhanced Firewall Safeguards.
-
Restricted External Access to Only DNS and SMTP Servers, disabling other ports.
System
(I) Server
-
Latest Windows & operating system, consistently maintained
with regular updates and security patches.
-
Antivirus in place.
-
Login Records maintained.
-
Real-time backup of all data is done regularly either in the
client's server farms or our data servers, depending on the
client's choice.
(II) Computers/ Laptops
-
The Windows operating system is always up-to-date with the
latest updates and security patches.
-
Antivirus in place.
-
Client Login Records are maintained.
-
Source document access is restricted to authorized employees.
-
No fax and printing capabilities at the processing site.
-
PCs used for processing lack both CD ROM drives and web
access.
-
Paperless Work-floor.
Resource Security Practices
-
Implementation of Multi-Factor Authentication for System Access.
-
Regular Security Awareness Programs to Educate Employees on Emerging Threats.
-
Strict Access Controls to Limit Unauthorized Access to Sensitive Resources.
-
Encryption of Confidential Data to Safeguard Information Integrity.
-
Regular Audits and Assessments to Identify and Address Security Vulnerabilities.