Security Policy

Data security, privacy and overall physical security is our main focus in delivering our services to our clients in both onshore and offshore environment. We have developed our IT and data security infrastructure based on the following benchmark:

The interagency guidelines issued by the OCC and the FDIC.

Our IT infrastructure encompasses the following:

  • Access control system and round the clock security in the work area.
  • There is a single entry/exit point, which is monitored 24 X 7 by trained security professionals.
  • Latest Close Circuit TV (CCTV) installed in all rooms and important public areas like passages, conference rooms, open area, etc.
  • Access to systems and information through a controlled authorization processes, e.g. work related access only
  • Every employee has it’s unique username and password to access his/her workstation
  • Electronic Devices such as mobile phones, PDA etc. are not allowed on the production floor. USB ports and other media drives are disabled based on a requirements of a particular engagement
  • Anti-virus software, firewalls and URL filters
  • Encrypted mode of data transmission
  • Access to local servers is restricted based on the process an employee is assigned to.
  • Appropriate backup mechanism to prevent data loss.
  • All client sensitive data will reside in the U.S. and accessed through CITRIX or VPN
  • Annual vulnerability assessment tests by certified third party Information Security auditors
  • As part of our business continuity planning, we have adequate disaster recovery process in place with a fully functional backup site at our Moorestown NJ location
  • Fire and smoke alarms are present and maintained in working condition
  • Random audits are carried out to ensure security policies are complied with leading to strict disciplinary actions including termination, for non-compliance.
  • Every employee signs a Non- Disclosure Agreement at the time of recruitment and any breach leads to strict disciplinary action including termination of employment.
  • Restricted access to internet websites. Access from work stations is only allowed if it is a process requirement. All such access is strictly monitored by the data security officer. Continuous monitoring of the web traffic and strict disciplinary actions are taken for any violations.
  • We have our own web based time and expense reporting system.