- Securing user password. Authorized users are responsible for the security of their passwords and accounts, sharing of password to other team members and users are not allowed. System level passwords should be changed quarterly; user level passwords should be changed every 90 days. As a minimum, passwords are recommended to contain upper AND lowercase alphabetic, numeric and special characters.
- Computers is set with automatic screen lock activation feature set at 10 minutes or less when user is away or unattended.
- Employees using corporate email are required to add the Confidentiality Notice (This e-mail message (including attachments, if any) is intended for the use of the individual of the entity to whom it is addressed and may contain information that is privileged, proprietary, confidential and exempt from disclosure. If you are not an intended recipient of this e-mail, you are not authorized to duplicate, copy, retransmit or redistribute it by any means. Please delete it and any attachments immediately and notify the sender that you have received it in ) in their email signature.
- File Sharing Access. File sharing polices are controlled by a domain administrator only and adding user’s access to the fileserver is only possible if folder access is granted by the immediate This is to ensure only authorized employee can access the specific folder or file. Also, limited file formats are allowed to be saved in the file server.
- All computers and servers are protected by anti-virus software that will block viruses, malwares or suspicious activities that already has signature in its database.
- Windows Update applied to all Servers and Workstations thru WSUS Policy filtered by the Administrator.
- Regular checking of Domain Server, DB Server and ERP Server Event viewer and logs.
- Sending broadcast to all employees to take extreme caution when opening e-mail attachments received from unknown senders, which may contain viruses and malwares. Our endpoint security can detect suspicious URLs and attachments and blocks it right away.
- Network Using firewall policy, identifies suspicious websites and network activities made by servers or workstations connected to our network. Continuous network hardening.
- Network Access Restrictions allows only Company owned devices to connect to the Company’s Guest access was given to guests and other employees using personal devices if needs to connect to the internet. Blocking will be done if not followed. Weekly network monitoring is done to identify devices connected to the network and remove unauthorized connections. VPN Access to allow Company devices to securely access company resources such as files and services whenever they are outside the office. This applies to Work from Home and Teleworker Setup.
- Restriction to access non-business-related Group policy is applied according to department’s needs. Example: Social Media Access for Selected Marketing Personnel only whose doing digital marketing.
- Websites Secured Sockets Layer (SSL) is enabled for keeping internet connection secure and safeguarding any sensitive data that is being sent and transferred between users and sites or between two It uses encryption algorithms to scramble data in transit, preventing hackers from reading it as it is sent over the connection. This information could be anything sensitive or personal which can include credit card numbers and other financial information, names and addresses.
- Ensuring secured payment processing thru website from our clients by partnering with online payment gateway that offers secured payment processing and Payment Card Industry Data Security Standard (PCI-DSS) compliant. The card owner is the one who enter their card information in the portal, One-time-password is being sent to the card owner to confirm card transaction. Transaction confirmation will be sent thru their email addresses. Transaction confirmation doesn’t include card information.
- For the ERP application accessible in the web; SSL is used for secured and encrypted data thru network to prevent phishing, cross site objects, Network firewall, the domain redirects on network wherein IP is mask thru network, separate database and application server – Database server is in private network (3 Tier architecture), ERP Security like Built In encryption on transfer in of data, blocking of Add-Ins that may cause phishing or transferring the data from the Application to other domain site and blocking of web console to eliminate runtime editing.
Your search results