Security is highly emphasized in EraDoc's own BPO's and partnered BPO's, of which 3 aspects of security measures are done to secure the confidentiality and integrity of customer information, namely Physical Security, Workflow Security and Data Security.
Physical Security
- The site is secured using smart card and access lock, through which all access in and out is controlled.
- Log book for each visitor at the main entrance level and visitor badge shall be wear all times during visit
- CCTV has been installed to keep track of the operation and regular management review is carried out.
- No personal belongings are allowed to be brought into the operation rooms.
- Dedicated operations room is assigned for each customer, offering high level of confidentiality of the documents/images being processed.
Workflow Security
- All operation workflows have been clearly documented as per ISO requirement to offer the highest security and integrity to customer’s assets.
Data Security
In order to offer the best protection to customer's data, five different levels of security control have been applied during the process of transmission, storage and processing.
- Centre Protection:- Firewalls are set up in our data centre to prevent any illegal access from outsides. Our firewall is used with features like VPN, intrusion protection as well as NAT/PAT support. The beauty of these features is to ensure data privacy/integrity and strong authentication to remote networks over internet, support 56-bit DES and 168-bit 3DES data encryption to ensure data privacy, with ability to dynamically block/shun hostile network nodes via the firewall as well as to allow multiple users to share a single broadband connection using a single public IP address.
- Data Storage:- All customer data reside in the server will remain encrypted until the data is processed. Decryption will be done through application.
- Access Control:- User ID and password will be used for every application. Only authorized operators can access the application as well as customer's data.
- Audit trail report:- Complete log report will be generated to monitor every transaction made during processing; ensuring customer's data is handled properly.
- File Eraser:- Processed files upon transmission will be erased using the software File Eraser to ensure that no data recovery can be made illegally.
|
