Data Entry Security – Secure Data Entry
Security is dual level managed. One is physical level data security and other is the virtual, systems level data security. We take data security as a top priority element to ensure successful business functioning and provide highly secure data entry and processing.
Access to spaces of Data Entry India office and project batches are restricted and controlled through access cards thus making it possible for only the data entry team concerned with a respective project to have hands on access to files and systems containing such files.
We have also implemented default alarm systems for notifying incase of any intrusion or hack attacks.
The virtual systems are further workflow controlled using software and hierarchy definition protocols. The management of access to files is controlled through domain controllers and practically every action taken by any resource is logged on to our servers for monitoring.
A typical data theft happens from a disgruntled employee, no system data can be taken out unless otherwise approved by the governing superior. For any data to be removed physically, the operatives have to have access to secluded machines controlled and monitored by the most trusted members of the management.
Data Entry India also maintains data redundancy servers for disaster recovery and frequent back up of all databases is performed and updates maintained and provide secure data entry services to our clients globally.
Some of the policies implemented at our end include:
Workstation Security Policy
Security measures include:
- Restricting physical access to workstations to only authorized personnel.
- Securing workstations (screen lock or logout) prior to leaving area to prevent unauthorized access.
- Enabling a password-protected screen saver with a short timeout period to ensure that workstations that were left unsecured will be protected
- Complying with all applicable password policies and procedures.
- Ensuring workstations are used for authorized business purposes only.
- Never installing unauthorized software on workstations.
- Storing all sensitivity information, including protected health information (PHI) on network servers
- Keeping food and drink away from workstations in order to avoid accidental spills.
- Securing laptops that contain sensitivity information by using cable locks or locking laptops up in drawers or cabinets.
- Complying with the Portable Workstation Encryption policy
- Complying with the Anti-Virus policy
- Ensuring that monitors are positioned away from public view. If necessary, install privacy screen filters or other physical barriers to public viewing.
- Ensuring workstations are left on but logged off in order to facilitate after-hours updates. Exit running applications and close open documents
- Ensuring that all workstations use a surge protector (not just a power strip) or a UPS (battery backup).
- If wireless network access is used, ensure access is secure by following the Wireless Access policy
Access to Database User Names and Passwords
- Every program or every collection of programs implementing a single business function must have unique database credentials.
- Sharing of credentials between programs is not allowed
- Database passwords used by programs are system-level passwords as defined by the Password Policy
- Developer groups must have a process in place to ensure that database passwords are controlled and changed in accordance with the Password Policy
- This process must include a method for restricting knowledge of database passwords to a need-to-know basis.