Physical Security
- We have installed an access control system at our workplace’s entrance to enable only authorized personnels to the workspace
- Screening of visitors and employees by a security guard (including in night shift) during entry and exit for data storage media like USB drives, SD cards, memory cards etc.
- No cameras, camera phones and digital recording media allowed in sensitive processes or sections of our premises
- Entire work floor area is covered under CCTV security cameras. The feed is monitored by IT and administration department on a regular basis
- Building awareness in the employees regarding “Phishing Attacks & Scams”
Policy Backed Security
- Our organization adheres to a privacy and data security policy, developed in consultation with outsourcing experts. This is clearly discussed with existing and new staff to ensure complete understanding and compliance
- Employees sign non disclosure agreements (NDA) with stringent data security clauses, punishable under Indian laws including Information Technology Act, 2000
- Complete background checks for employees including references from past employers, registrations with nearest police station and family background check
- Most of our employees have prior outsourcing experience, and are familiar with the strict data security policies of an outsourcing firm
Data Security
- Emails monitored and protected through Microsoft 365 & Intune. Multiple Factor Authentication, frequent password change ensures the mailbox is accessible to the authorized person only
- Email server is protected using Microsoft Defender, Sophos Endpoint Protection and Micro Intune Data Loss Protection (DLP) using Microsoft Defender and Intune
- Access to data is through 256 bit SSL encryption which ensures transmission security
- Comprehensive security audits are performed on a regular basis
- We are in process of moving towards a paperless environment, which is both environmentally beneficial and ensures data security
Network Security
- Network security is maintained through Sophos Firewall Protection and Microsoft Defender for server and client level security to protect against virus, worm and other malicious attacks
- Segmented LAN
- Multiple client level access restrictions
PC and Shared Workspaces Security
- OHI is fully on Office365 Platform
- Individual domain accounts for each processor ensures that the access to source documents is restricted to authorized employees only
- PCs used by processors have disabled USB and CD ROM drives
- Users are not permitted to utilize personal email accounts. Access to a variety of websites is limited and monitored
- Shared WorkSpaces such as OneDrive have restricted access to just the assigned teams only
