| We have adequate level
of physical security controls over our
facilities: appropriate alarm systems,
access controls, fire detection and
suppression systems, 24 hour video surveillance,
visitor and employee identification.
Only personnel working on a particular
client project are given access to that
floor area. Shredding machines are placed
on every floor to shred sensitive client
confidential information and avoid its
misuse.
Data transmission and receipt is
restricted to the VLAN created for
each customer. Additionally, based
on customer’s requirement, encryption
facilities are also provided. The
Company has provided Firewall and
marks all the customer information
data by numbers and formally issues
on a need-to-know basis. The marked
copies of critical nature are traceable
at all times. We have a PGP based
data encryption for business mails.
We also maintain secure computer
rooms and tape libraries with access
restricted only to Data Processing
personnel and have documented security
policies, procedures and standards.
Checkpoint firewall is installed on
Nokia IP 330 & Nokia IP 440 to
prevent unauthorized monitoring from
being performed. All network equipment
is password and audit controlled.
We use only legally licensed software.
A Data Security Confidentiality Agreement
is executed which allows site audits.
These audits can be conducted without
any prior notice.
|
