As an enterprise grows, so do the requirements for information exchange amongst clients, partners, suppliers, employees and other stakeholders as per process demand. While, information and data get broadly distributed, threats to the confidentiality, availability and integrity of the data increase. It becomes imperative for any technical service organisations to build up and maintain a business aligned data security & management framework.
Sphinx Worldbiz, as a responsible IT and Engineering service provider, maintains a stringent data security and management regime and is ISO – 9001:2008 and ISO – 9001:27001 certified. Some of the measures taken by the company to maintain highest level of Data Security and Effective Management of Data Access are:
- Non Disclosure Agreement with all employees
- Physical separation of customer groups
- Customer-wise logical separation of project data on central server
- Password control restricts access to respective project areas only
- Detailed Password Policy to strengthen access control (New password at regular internal)
- No installation right to users
- No writing facility on work stations
- CD writing centralized, against authorization
- Fax/ scanning controlled
- Back-ups on daily, weekly and monthly basis; 2nd set stored in remote location
Internet protection via hardware firewall
- Centrally managed and updated Scanning & Anti-virus protection set-up
The company’s data security practices protect restricted, confidential and sensitive data from pilferage and loss. Protection of data in scope is a critical business requirement in this profession, yet access to data has to be flexible to work effectively. Maintaining an ideal balance between strict data security and flexible access plays the critical role.