2334

What is Information Security?

Information Security is most important, while  we talk about outsourcing. If an important data  reaches in wrong hands, it can create a chain of troubles. At SPgS, we  understand that, not just a Firewall and Antivirus can safeguard  the data of our clients. Even  a deficit of 0.001% in security can  anytime rule over the 99.999% security and  can lead to a Data Security Breach.

At SPgS, Information Security  is a culture, rather than a process supported by machines, software and human talents. We educate our team. We fine  tune our machines, devices and software in a timely manner. We monitor the results on regular basis.

(I): Infrastructure level

Infopark Phase II Building and its Premises.

  1. SPgS Located in Infopark Phase II, Cochin, India, which is an exclusive cyber space promoted by the state government
  2. Manned Security by armed Police (State Police)
  3. Multilevel security check points(vehicles and visitors), by the Police  force.

SPgS Production area and Premises.

  1. Access control using biometric systems
  2. Exclusive baggage room and cafeteria for the SPgS team.
  3. Any kind of electronic devises (not limited to USB, mobile, camera, external laptops, writing martial, bags etc), NEVER allowed in the production.
  4. Three tier authentication, for projects, which require, highest level of data security.
  5. Ergonomically designed work space with 360 nos. seating capacity over three shifts.

(II): Employee Level(Pre-Recruitment).

  1. Technical and HR screening.
  2. Police Clearance Certificate(mandatory), at joining time.
  3. Referral checking  at  joining time
  4. Direct checking with previous employer.
  5. Social media analysis.
  6. Employee awareness programs on data security/liability and consequences of breeches
  7. NDA with All employees.

(III). Technology Level.

  1. Dedicated server room with access control.
  2. Hardware firewall.
  3. User level authentication.
  4. Controlled access to internet/cloud.
  5. Data transfer allowed through corporate email and corporate FTP.
  6. Data transfer log and backup(emails, FTP) for verification when required.
  7. Adequate budget allocation for data security.
  8. We use licensed software only and ensure regular updates.
  9. Password-protected screen savers to prevent unauthorized access when idle.
  10. 24/7 CCTV surveillance, with backup upto 180 days.

(IV): Disaster Recovery and Information Security

Effective disaster recovery practices, to ensure business continuity.(which can sustain  infrastructure failure / crisis).

Remote disaster recovery center, with  capacity of 110 seats, 2 supported by High speed data & communication links.