Ingenious e-Brain Solutions is an ISO 9001:2008 & ISO 27001:2005 certified organization. These certificates ensure data security and process management.
We have came a long way in having set-up a robust data security compliance policy within our organization thus fulfilling our core values and obligation on securing the client and company related data.
Organization Security SOPs
- Displaying of Identity card by all employees during entering the office premises
- Proper vetting of employees handling client confidential data
- Security audit at appropriate interval to locate and take appropriate measures at various snag
- Signing NDA (Non-disclosure agreement) between IEBS and client before every new-project request
- Data confidentiality and security program always find a way at usual or induction training program for tenured/new employee
- CCTV monitored office premise
Access control & Assets management
- Personalized login credential for each employee to maintain security of electronic data
- Maintain credential details, usage, access history within the organization
- Issuing of gate pass for external vendors and non-employees
- Security personnel deployed for restricting entry of un-authorize personnel within prohibited areas
- Confidential production bay defined for working and handling client relate data
- Lock enabled & data type restricted drawers to protect client confidential data
- Paperless organization – Minimum usage of paper
Network & Information Technology management
How files are received from client?
- Up-to-date technological software, antivirus software, firewall set-up by our IT department to abort untoward situations e.g. data sabotage, leak etc.
- Restricted use of personal e-mail services, social networking sites etc.
- Using appropriate technology such as security surveillance camera, finger-printed restricted bay doors to keep data safe and secure
- Portable storage based devices not allowed inside the working bay e.g. camera mobile, pen drives, CD etc.
- By E-mail: We have our own dedicated and secure VPS server so that client can deliver project files on email.
- By Secure FTP: We provide client access to our secure FTP server by which he can deliver the project files.
How files are delivered to project managers and team members?
Individual Employee Access: Once we receive the project files our IT team member provide access to those files to selected project manager first and then to selected team members on managers request. Each employee has individual account on our server and accessibility to it is secured.
How team members share project files during the project?
Individual and Restricted Team Folders: Every team has their dedicated folder on our server to which only members of that particular team has access to. So team members can easily share files during project securely.
How files are delivered to client?
As per the convenient and mode chosen by the client our project managers deliver the final project files either by:
- PPMS Project Delivery Tool: Our project delivery tool uses 128 bit SSL encryption and can securely deliver the project files to the client.
- Secure FTP: We can also deliver the project files through our secure FTP server.
- E-Mail: We have our dedicated VPS mail server so project files can be delivered securely by e-mail.
What happens to project data after its completion?
After completion of the project all the data is removed from the individual accounts of the employees and stored securely on separate account in server to which no one has access to except our IT Manager for a period of 2 year. Also all the FTP and PPMS (project delivery tool) access is retained for the same period.
We confirm from client if he/she require the data after 2 years or not. If client is not interested in the data after 2 year then all the data is erased from our server and all access to FTP and PPMS is revoked. Finally all the data is moved to another backup directory on our server to which only our Management has access to.