1. Purpose
Effective measures for data and information security are essential conditions for a reliable and unwavering outsourcing clients, partners, associates and employees. Aware of client concerns for data breaches and misuses; VMD CAD & Graphic Technologies Pvt. Ltd., (VMD CAD) offers to make assured data and information security an integral component of outsourcing contracts to generate client confidence. Our stringent security policies fully compliant to project information criticality, pace, and scale of outsourcing aim at improving vendor-client collaboration, mutual trust, and ethical business practices.
We use a variety of technologies, data formats, and measures that eliminate the risk of information breaches, secure data from becoming privy to unintended recipients, and allow full control and use of data only for specified purposes.
2. Policy
VMD CAD, Information Security Policy: Key Features are as follows:
• Data protection and controlling at transmission, supplier/vendor premises, and workstations.
• Comprehensive information security before, during, and after the project completion.
• Compliance to information security in all data formats.
• Use of latest technology for data security.
• In-house professionals and CAD processing to prevent information breaches.
• Effective regulatory framework in place to fully meet present security threats.
• Provision for additional security as per client/ project requirements.
• Regular security audit of Information Systems and CAD data usage at every level.
• Implementation of integrated and unit-wise steps for client data and information security.
• Identification of possible breaches for every project and creating and enforcing effective mechanism to prevent the same.
3. Data Security Safeguards at VMD CAD:
We have strict security practices at a number of levels to counter Information Systems and CAD data security breaches. These are as follow:
•
Confidentiality & Non-Disclosure Agreement: VMD CAD is ready to sign Non-Disclosure Agreement with clients as and when it is requested for. This testifies our willingness to convert the data security commitment into a legal binding instrument guaranteeing top-level information security practices. Our professional employees are bound by Confidentiality & NDA terms and security practices explicitly mentioned in their employment terms.
•
Backup & Restore Process: We backup the files regularly and keep them in secure zones with restricted access. All data on the main drives are deleted / purged on the daily / weekly basis.
•
Cleanup Process: We do not backup data for project completed without explicit client request. The data was either destroyed or returned back.
•
Data Encryption: Wherever applicable, encrypted email, folders, and files assure data confidentiality and eliminate the risk of breaches during the sharing processes.
•
Data Sharing: Only authorized employees are allowed to share data and that too within set information security guidelines. VMD CAD does not allow sharing of source files.
4. Data and Information Security: Reliable and Secure Network:
We use Secure Seqrite VPN and Network empowered with latest security upgrades. It helps to constantly supervise and overcome unwarranted accesses and firewall breaches. Secure Cisco Manageable Switches are installed to secure information transformation through reliable Seqrite VPN Tunnel and block HTTP, UDP port, and other security threats.
5. Employee Access Control:
We restrict information inflow at various individual employee levels that prevent unauthorized access, data misuse, and information breaches. These include the following measures.
• Protected system access only for employees working on the project.
• Network logins protected by password.
• No remote access is allowed.
• Access Card for common office and work station areas.
• All emails and files are encrypted with mandatory digital signatures.
• Single sign-in and password protected systems and enterprise applications.
• 24-hour security surveillance and advanced technology for monitoring.
• Separate security and administrative monitoring.
• USB ports, CD, and other storage devices are not allowed.
• Regular system auditing.
• Latest anti-virus programs for every work station.
• Centralized backup management.
6. Incident Reporting
If an account or password is suspected to have been compromised, incident shall be reported through an Incident Management System and a consistent process shall be followed for identifying, reporting and investigating the issue until closure. All incidents are adequately documented along with its occurrences and mitigation techniques.
For more information on VMD CAD, Information Security Systems please:
contact us.