![]() ![]() |
DATA SECURITY |
|
DATA SECURITY
ABS understands the importance of data security very well and considers it to be an issue of existential concern.
Under the security standards, we ensure proper implementation of Administrative, Physical and Technical safeguards. By following standards we ensure protection of confidentiality, integrity and availability of electronic financial information of our clients .
Administrative Safeguard
- Full-time Data Security Officer to take care of policy implementation monitoring .
- Necessary policies and procedures in place to prevent, contain and correct security violations.
- Extensive background check conducted by HR department on all new employees prior to "employee confirmation process."
- Every employee enters into a Confidentiality Agreement that prohibits any employee to use/publish/disclose/divulge or permit others to use/publish/disclose/divulge any confidential information obtained by them. This Agreement is enforceable under the IT Amendment Act 2008 ,Data Security and Customer Privacy Act, with punishment that may extend up to seven years of imprisonment.
Physical Safeguard
We take compliance related concerns seriously and address them as a matter of important policy. We are suitably equipped with most technologically advanced infrastructure to handle data security issues.
Salient features are :
- The facility is truly locked down with access only to authorized individuals in client specific areas. Entrance in production area is restricted by finger print software.
- CDs, DVDs, pen drive, disk drive or any other storage devices are not allowed in the individual PCs and in office premises without prior permission from authorized management team members. Most of workstations do not have external USB and CD Drives.
- Entry of mobile phones is strictly prohibited in the production area. The appointment letter of each employee specifies this condition.
- Maintenance of a mostly paperless process environment followed by timely destruction of used hard copies etc.
Technical Safeguard
- Only need based Limited access to the network through login IDs and password protection is allowed in the production area.
- Our professional firewall system restricts the users to surf or access unauthorized sites on the internet.
- The teams have need based restricted remote access to the client's software applications . Client networks are physically isolated and have dedicated firewalls into the client's network for an additional security.
- We use the best of Hardware Firewall Solutions available in the market , HIPPA compliant VPN enabled Firewall Fortigate 60D is installed at our secure server that continuously restricts unwanted usage of the internet. It allows secure login from remote offices to our secure server through Remote Access VPN Client Login.
- The website of ABS is also SSL protected ,encrypting all the files that pass through it. Only need based limited access is provided to the employees restricting use with passwords .
- ABS uses professional E Mail services for completely secure data exchange with the client's back office using 128 BIT encryption of mail and uploaded files.