An industry-standard PDCA (Plan, Do, Check and Act) approach has been applied to define, establish, operate, monitor and improve the Information Security Management System [ISMS].
While designing and implementing the ISMS, the following aspects have been considered for the preservation of data with respect to:
Confidentiality - Accessible to Authorised persons only
Integrity - Accuracy and completeness of information and processing methods
Availability - Authorised users have access to information and systems when required
Security Policy
Confidentiality - Ensuring that information is accessible only to those authorized to have access
Integrity - Safeguarding the accuracy and completeness of information and processing methods
Availability - Ensuring that authorized users have access to information and associated assets when required
Security Overview
Personnel:
Employee background verification check by a dedicated team as part of the recruitment process
Dedicated physical space for each project
Entry restricted through Access Control
Clear desktop policy has been implemented
Information Access:
No detachable drives & USB ports disabled
Restricted access to information and periodic review of the same
Strong user authentication is required to work on any system in the network
Regular updates of antivirus software
Strict procedures in place for secure disposal of all types of information
Network:
Dedicated VLANs for each project
Firewall & Access Lists on the Router ensure restricted access to clients' systems
Dedicated Point-to-Point connectivity to Clients' network
Strict User Registration Process is implemented to authorize access to information systems
Backup procedures are documented and implemented
Disaster recovery procedures are in place for all critical devices & assets. These procedures are tested and updated regularly.