We give high importance to the security of data as we are dealing lot of confidential details. The Security Policy of Sweans BPO ensures that all Information Security Management requirements are noticed and are performing. Sweans BPO is working its way towards being an ISO 27001-certified company. We manages sensitive and vital corporate, customer information securely in addition to ensuring its confidentiality, integrity and availability. We have strong commitment in ensuring that the people, process and technology are secure.

Information Security measures employed by Sweans

• Dedicated Security Team.

• Engagement of professional consultants for information security expertise.

• Close monitoring of all the activities of data in network and associates.

• Vision of planning for ISO 27001-certified .

Our policy covers the following security controls:

• Dedicated Security Team.

• Engagement of professional consultants for information security expertise.

• Close monitoring of all the activities of data in network and associates.

• Vision of planning for ISO 27001-certified .

• Security Configuration Standards – Networks, OS & Applications

The organization-wide security configuration standards are covered under the procedure / policy “Meeting Security Requirements” and “Managing Security for Technology related infrastructure.” However, due to the nature of ITES business, which is client- / process-driven, the configuration standards are further mapped to the client requirement for respective engagements. Documentation for the same is prepared and made available through the final technology document for every respective engagement.

DESCRIPTION:

SALIENT FEATURES:

1.Network / System Level Security User authentication by means of a User ID and Password Password policy enforces user to change password regularly and maintains password history Service-specific access to infrastructure and applications Logical isolation of network based on engagement requirements 2.Firewall Checkpoint Firewall protecting entire network Firewall filters all incoming and outgoing traffic 3.Encryption Encryption at link level is done based on the engagement requirements Sweans BPO can support all standard encryption algorithms 4.Servers All physical security controls apply Bio-metric access to data centre combined with card access Under camera surveillance at entry / exit door Limited and controlled access to servers as per Sweans BPO’s “Need to have & Need to know” approach Logically separated from corporate LAN Access logs enabled for audit trails Backups as per business requirements

PHYSICAL SECURITY:

1.Access Cards Our BPO’s delivery area has an additional security measure with swipe card-based access controlled entry for associates. This make sure that unauthorized people have no access to the delivery area. Highly secured and confidential areas in Sweans BPO are further protected with a combination of access cards plus biometric devices. 2.Building Security Systems Our office in kinfra park is under tight security round-the-clock and access to the building is restricted to authorized associates. All physical entry and exit points are protected by efficient Security personals. The presence of security personnel is mandated at the campus entry / exit points (controlled by the Kinfra Management) as well as at the Sweans BPO (controlled by Sweans BPO’s management) 3.Associate Level Restricted and need-based access based on roles which are reviewed periodically. Above all, the attitude of the people we recruit is tested through Psychometric tests. Confidentiality contracts and non-disclosure agreements are signed with each associate and background checks are done. Strict norms, for information storage and disposal of data - both electronic and physical - are mandatory.


HIPAA

• All employees sign confidentiality agreements

• Access to software via password control

• Network protected by hardware firewall

• HIPAA awareness programs run on the floor.