|
NIIT SmartServe(NSS) adheres to the highest standards for data security and data privacy. At NSS, our policies are based on specifications of the ISO 27001 standard. We have been able to successfully create an environment of trust and confidence for our clients across the globe by providing secured Information Security Systems. In today's connected world, a potent and redoubtable security system is must, given the large number of electronic interactions and financial transactions conducted. Hence, NSS will not only help you strengthen your business resources and critical information but also help you mitigate risk and ascertain the continuity of business today and thereafter.
Our information security measures can be categorized into the following segments:
| 1. |
Asset Management |
| 2 |
Human Resources Security |
| 3. |
Physical and Environmental Security |
| 4. |
Communications and operations management Access Control (both logical and physical) |
| 5. |
Information Systems Acquisition |
| 6. |
Development and Maintenance Information Security |
| 7. |
Incident Management Business |
| 8. |
Continuity Management Compliance |
Some of the measures we take in the organization are as follows:
| 1. |
All physical areas are divided into specific zones and staff members are allowed access based on their process assignment. |
| 2. |
Each staff member is provided with a unique access photo-identity card that is programmed to their role requirement. |
| 3. |
Video cameras are placed at strategic locations for discrete monitoring of the facility. |
| 4. |
All visitors wear proper identification cards and are escorted while within the premises. |
| 5. |
Local Area Network: Separate physical network is setup if required. Team Member machines are specific to their business which are put up on a separate VLAN's. |
| 6. |
Information Storage: Information can be on servers that are isolated from the rest of the NSS network if client process requires segregated network or stored either on shared infrastructure with appropriate User Access Controls or on a separate physical server that is accessible only from the designated VLAN. Program related access to email, Internet or the printer on the workstations. Access to Internet is based on process requirement - they may have access to easyJet.com and not any of the regular email based portals like yahoo or hotmail. |
| 7. |
Floppy and CD drives are deactivated on all team member and 1st level supervisor machines. |
|