Data Security

Data and IT Security Policy

CyberData India, Sanchi Building, 2nd Floor, 77 Nehru Place, New Delhi 110019 follows clearly documented processes to ensure IT and Data security is not compromised. Our business is the conversion and protection of valuable data and we depend on these security measures for our success. We have never had an instance of compromised client data.

Measures in place CyberData India include:

Data Transfer

  • All input images and text data are stored centrally on server, not on local machines
  • Individual FTP site for each client. Only authorized personnel can access the FTP.
  • Data transferred from clients via FTP, emails, portable media.
  • Sensitive client data transmitted via FTP only after encryption and password protected. Password and data files never sent in same email if data being sent via email.

IT Security

  • Daily backups performed on-site of data created at the end of a shift by authorized personnel.
  • Weekly off-site backup performed and data stored on the cloud. All data stored is encrypted and password protected.
  • Security awareness training to staff is provided before they are allowed to access data.
  • No usage of pirated software.
  • Strong and complex password policy followed. Passwords are minimum 8 characters and a mix of alpha, numeric and special characters. More than three wrong password attempts would lock-down a work station.
  • Sensitive client data is stored for the agreed period after which it is deleted. IT Team does an audit of the data stored in a server periodically to ensure no data is stored beyond the agreed period.

Computers

  • Implemented Windows ISA server (provides enhanced file level security; allows us to lock and track anything that's done to a file on a server).
  • All workstations and servers protected with Symantec anti-virus.
  • Server room locked and secure; access only permitted to IT team.
  • No means for individual employees to get data off of their workstations the restrictions in place on each computer:
  • a. No disc drives or means to burn CDs or capture data
    b. No USB dongles
    c. No printer access
    d. No camera capture devices including mobile phones

Internet Access Policy

  • No internet access for general workstations. Internet can be accessed only by limited personnel who are responsible for transmitting client data or working on online servers through VPN.
  • Access to social networks, personal emails, chat restricted during working hours and can be done only after authorization.
  • Downloading of software and other executable files strictly prohibited without proper authorization.

Premises Security

  • Buildings are both safe and secure:
    • Physically secure environment
    • CCTV monitoring of entire working area. CCTV footage archived for 30 days
    • Safe from water or moisture damage.
    • In accordance with Health and Safety legislation.
    • Protected from fire hazards. Fire safety audit done annually by Govt. Fire department.
    • Protected from intrusion by unauthorised personnel. Round-the-clock security guards.
    • All guests are required to sign in when visiting CyberData India facilities