• No results found

Information Security & Management Systems

N/A
N/A
Info
Download
Protected

Academic year: 2021

Share "Information Security & Management Systems"

Copied!
13
0
0

Loading.... (view fulltext now)

Download now ( 13 Page )

Full text

(1)
(2)

Our Security Protocol

Network Security – Our entire network is protected by multiple-layer of security appliance and software.

We have implemented the following security technologies to ensure information security and confidentiality levels exceed compliance requirements.

 Internet Security & Accelerator (ISA) Server.

 WatchGuard Firewall and Internet Security Appliance.  Verisign’s 128 –bit SSL encryption for online services.

(3)

Our IS Framework

code Mantra

Assess

Transfer of only required project specs and data

Secure Data Transfer Transfer via SSL FTP or HTTPS

Production Facility

Customer data received and stored on secure network server

Data Processing

Deploy controls to secure systems and processes

Quality Control

Systems to ensure quality of service and deliverables

Dispatch

Deliver processed data via SSL FTP or HTTPS Monitor Procedure

to monitor security systems are

adequate

Audit Trial Activity review and check for any breaches in

security Respond Inform and initiate steps to improve or resolve security

issues Firewalls 128-bit SSL Encryption Antivirus Secure Configurations Technology

Network & Privacy Policy Confidentiality Agreement Physical Security Segregation of duties & access

Security Protocol

Clear Desk Activity log

Vulnerability and Event Mgmt Training & Awareness

(4)

Network Policy Chart

Security Policies & Procedures

Personnel Security

Systems Network Security Configuration Contingency Planning

Armed facility

security & Authorization of users Authentication

Onsite\Offsite Backups & Archival

System

Limited access

to data Virus protection

& password mgmt Disaster recovery scheme Physical access

controls

128-bit encryption on data transfer

Secure receipt and removal of data Log on events of

data access

Internal audit of system activity

(5)

Network Resilience

Our high-end production servers are built with integrated RAID VI for data protection by supporting hard disk drive mirroring and redundant power models.

Data storage – As per our contingency plan, we run nightly backup on our servers.

(6)

Privacy Policy & Procedures

Our Privacy Policy includes,

A non-disclosure and confidentiality agreement to be signed by all members of the organization and senior management.

(7)

Privacy Policy Chart

Privacy Policies & Procedures

Resignation \ Termination Procedure

Nondisclosure Service Agreement

Unique Project\Account ID Resignation \ Termination Notice

Data Nondisclosure Agreement

Individual rights & access

Relieving Order Employee

Confidentiality Agreement

Tracking by staff ID Remove Individual Access

Employees list with individual ID

Comprehensive Activity logging

Reset Access Passwords Tracking System and

Procedures Administrative

(8)

File Transfer Protocol

File Transfer Protocol – Our secure FTP server supports SSL File Transfer.

Secure Sockets Layer (SSL) security protocol enables encrypted data transfer using the FTP client applications like cuteFTP Pro, FTP Voyager, or WSFTP Pro.

(9)

Intruder Detection

Anti-virus System - we use leading products like Norton Anti-Virus and McAfee to protect the flow of information on PCs, file servers, web servers, FTP servers, and email servers.

We deploy periodic anti-virus\software update, real time scanning and monitoring to avoid any virus attach or intrusion resulting from new viruses.

(10)

Office Security Systems

 All the entry points to the premises are guarded by armed security,24x7.

 Security cameras are installed at all critical points including production floors with digital recording capability.

 To ensure highest level of security and access to the premises, bio- metric finger-print access control system is installed at all entry and exit doors with anti-bypass facility.  The building is installed with Fire Alarm \ Protection systems and emergency exits.  NO Internet access at production nodes.

 NO floppy, NO Mass Storage devices, CD or media allowed inside production facility.  Production computers are installed with strict local policy and unwanted storage of

(11)

Business Redundancy

cM has a well planned and documented procedure outlining procedural and decision making regarding backup arrangements, resource allocation, priorities, and action items necessary to fulfill the goals of effective and timely disaster recovery, emergency management and business continuity plans.

Disaster Recovery and Business Redundancy Plans include:

 Daily backup of all new digital assets.

 Version control of process and deliverables at every stage.

 Backup of assets at secured off-site facility (Tapes, CDs/DVDs).

 Power backup with UPS and diesel powered generators.

 Hardware/Software support staff, 24 x 7.

 System maintenance procedures.

 2 x 3Mbps Fractional E1, 2 x 512 kbps backup ADSL

(12)

Confidentiality & Privacy Compliance

 All our work is done with utmost confidentially of data and stored in

highly secure Information Servers and physical locations.

 Transmission of data through 128-bit encrypted SSL technology

ensures high level of data security over Internet.

 We have non-disclosure and confidentially agreements in place to

(13)

Thank You

For more details, please contact codeMantra, LLC

References

Download now ( PDF - 13 Page - 423.66 KB )

Related documents

Css3 Cheatsheet 2017 Emezeta

2P top bottom left right 1P top right bottom left CSS Box Model B % size margin-right: 0 size % margin-bottom: 0 size % margin-left: 0 size % % size % size % size auto height:

Predicting Revisit Intention of Commuters: A Case Study of Private Bus Company in Pakistan

Final questionnaire was adopted containing 32 item scales with the name, service quality, relational/ relationship switching cost, commuter satisfaction, and revisit intention..

Patient Satisfaction in Relation to Nursing Care at Home

Regarding communication and health education, the patients who live in urban areas are more satisfied and with relationship the patients living in rural areas are the most

Plasma Concentrations of Efavirenz and Nevirapine among HIV-Infected Patients with Immunological Failure Attending a Tertiary Hospital in North-Western Tanzania

We conducted this study to determine the pattern of efavirenz and nevirapine plasma drug concentrations among adult HIV-infected patients with immunological failure attending at

Image fusion and reconstruction of compressed data: A joint approach

The contribution of this work is threefold: i) We present a model that jointly deals with the problem of reconstruction from compressed sources and image fusion; differently from

People People: Social Capital and the Labor-Market Outcomes of Underrepresented Groups

We then explore several data sets from the United States, Britain, and Germany to understand the role of interpersonal interactions in explaining task assignment, wages and

Effect of a sugar-free chewing gum containing Magnolia bark extract on the development of caries lesions in healthy adult volunteers: a randomized controlled intervention trial

PCA analysis supports the concept that caries risk is divisible into patterns attributable to distinct risk factors that work in accord: in the total sample two different

A National Study of the Reasons for Use and Non-Use of Alcohol Among College Student-Athletes by Sex, Race, and NCAA Division

Furthermore, the percentage of Hispanic student-athletes (70.2%) that rated I was not old enough to drink legally as an important reason for non-use of alcohol in the past year