Offshore Business Process Outsourcing -
The CFS Edge

  • A pioneer in India-based offshoring with over a decade of experience in
    call center outsourcing
  • Expansive domain knowledge in diverse fields of offshore outsourcing
  • Multi-location delivery (offshore and onshore) centers in India (Bangalore)
Technology Security
Home bullet4 Services bullet4 Technology Security

Ensuring Your Security – the CFS Assurance

 

Customer Focus Services prides itself on the security we provide to our clients and their customers from external and internal malfeasance. We have a Physical and Environmental Security Policy in place, which applies to the entire gamut of information processing facilities that are under the direct management control of Customer Focus Services. The objective of this policy is to ensure that Customer Focus Services' information processing facilities are protected against loss due to theft, fire, flood, catastrophic power failures and unauthorized entry.

 

Employee/employment


Customer Focus Services' personnel policy covers all personnel who are on the employee rolls of Customer Focus Services, as well as those personnel who might be contracted by Customer Focus Services from time to time, including temporary staff, project students etc. The objective of this policy was to have in place stringent guidelines so that users understand security considerations and their implications (legal or otherwise) at the recruitment stage itself. All the employees sign a confidentiality agreement and third party users of Customer Focus Services' information processing facilities sign a non-disclosure agreement.

 



Sensitive document/data disposal


The Clean Desk Policy in Customer Focus Services covers the precautionary measures for end-user computing facilities of Customer Focus Services, namely desktops, digital phones, workstations and laptops. The objective of this policy is to educate users on handling any electronic resources like computers, digital phones, laptops or any other electronic device belonging to Customer Focus Services Systems Private Limited.

The scope of this policy covers the following:


:: Monitoring access to the work environment

:: Monitoring access to storage facilities

:: Requiring the secure disposal of restricted and confidential Customer Focus Services information


Employees are trained to maintain their personal computers and work areas with a strong emphasis on security, to reduce the risk of fraud and data leakage of restricted and confidential information of Customer Focus Services.



Data access


Customer Focus Services has a comprehensive User Registration Policy, which covers all stages in the life cycle of user access, from the initial registration of new users to the final de-registration of users who no longer require access to information systems and services. The objective of this policy is to prevent any chance of unauthorized access to information systems due to administrative failures. Formal procedures are in place to control the allocation of access rights to information systems and services.


 

Data transmission/receipt


The exchange of transmission acknowledgments allows receipt of data to be proactively verified within agreed time parameters. Special privileges allowing security account set-up and administration are limited to only those individuals who are responsible for such activities. Appropriate controls are implemented on the FTP server to restrict upload permissions to select individuals. The rules in the firewall rule base are also appropriately placed as the firewall performs sequential checks.


 

Data encryption


The encryption capability provided by EFS (Encryption File System) is used to encrypt user-specific files. This will offer a high degree of protection for your sensitive/confidential information from unauthorized local and/or network access.

 



Voice Access


Voice access permissions are strictly for business purposes. Individual users are provided with secure passwords to retrieve their voice messages. Accounts of employees who have been terminated/resigned from the services are disabled. Access to voice systems is subject to authorization from the respective Department Heads.

 



Voice Transmission/Data Classification


Information is handled according to the classification accorded to them. All information, physical or electronic, with sensitive classification are labeled. For physical documents with sensitive classification, "confidential" is printed in bold on the right hand top corner or the document is water marked "confidential". For electronic information with sensitive classification, sensitive classification is indicated wherever possible. For example, subject of an email may have a "confidential" stamp. All information accessed / possessed within the company has a designated Information Owner. The department head is the information owner of the information accessed / processed in the process they handle within the department's scope and are responsible for assigning / maintaining appropriate information classifications. Files/e-mails/printouts created by individuals are owned and classified by them.


 

Audit Logging


The Audit and Compliance Policy in Customer Focus Services covers all areas within the organization, and is considered for regular review to ensure compliance with security policies and standards.

These include the following:


  • Information systems
  • Systems providers
  • Owners of information and information assets
  • Users
  • Management

The security of information systems is regularly reviewed. Such reviews are performed against the appropriate security policies and the technical platforms and information systems, which are audited for compliance with security implementation standards. Owners of information systems support regular reviews of the compliance of their systems with the appropriate security policies, standards and any other security requirements.


 

Data Retention/Media Storage


The backup and restore management procedure outlines the methodology for backup, recovery/restoration of data including media rotation and storage for all servers at Customer Focus Services. Proper labeling of media, and handling and storage of tapes are carried out for data storage and retention so that the tapes are not used beyond the specified period, i.e. the ‘date of expiration’ of the tape. The on-site backup tapes are stored securely inside a fireproof cabinet at an identified place.

Infrastructure/Data Protection/Safeguards (e.g., A/V, IDS, Firewalls, etc.)

Anti Virus Policy: This policy applies to all computing facilities of Customer Focus Services that are susceptible to virus/worm attacks. Anti virus software is deployed on the Gateway, Firewall, Mail server, and other servers and workstations in the Customer Focus Services network. The software supports scheduled scanning and real time or ‘on access’ scanning (i.e. the scanning of files for viruses as they are accessed.). Scan includes the compressed files. End users ensure that the latest version of the Anti-virus software is maintained on their respective workstation/laptop.


 

System Change Management Policy


This policy aims at establishing formal change control procedures that must be enforced whenever changes to information systems take place.

The Change Management guidelines focus on the following parameters:


 
  • Identification and recording of significant changes
  • Assessment of the potential impact of such changes
  • Formal approval procedure for proposed changes
  • Communication of change details to all relevant persons; and
  • Procedures identifying responsibilities for aborting and recovering from unsuccessful changes


 

Privacy Safe Guards


CFS increases your brand value, contributes to outstanding customer satisfaction, and saves you money over your current options