Data Security Measures at Rayvat Accounting
We at Rayvat Ensure that Client’s data remains completely confidential with us. Data Security is at the helm of our affairs and we take the security of client very seriously. Here are some of the measures which we have for ensuring data security.
Some of the measures are forward looking measures which we plan to implement at various scales of operations.
1. Non Disclosure Agreement (NDA)
- Non Disclosure Agreement has to be signed by every Employee.
- The NDA would ensure that the data does not leak by the employees.
- It would make Employees Legally Liable for wrong done.
2. Employee Selection and Screening:
- Background Check would be performed before selecting an employee in order to ensure his integrity.
3. Login only through authorized IP:
- Employees would be prevented from logging through other than approved computing devices.
- Employees can access records only from the office premises.
4. Fidelity Insurance:
- A Company can have fidelity insurance from Wrong done by the employees. However the cost of same has to be Bourne by the client
- In India many insurers provide such insurance.
Some of the insurers are:
- National Insurance Co.
- New India Insurance co.
- Bharti Axa.
- Tata AIG Insurance.
- Oriental Insurance.
5. Location of Servers:
- The Servers would be located at remote place.
- None of the information would be stored on the local computing devise.
- The user has to remotely login to the servers.
- The information would be sent to the servers in encrypted format.
6. Physical Security:
- Employees should be allowed access only after taking thumbprint. That ensures the physical presence of the person.
- The work of employees would be monitored with the help of video cameras.
- Employees would not be allowed to enter with a recording device of any kind.
- Employees would not be allowed to use paper and pen for ensuring that information is not recorded.
- Diskless Computers: The computing devices would be diskless to prevent any unauthorized copying of information.
7. Defining the user level access:
- User level access should be defined to ensure that there is no unauthorized use of information.
- Changing of Passwords at frequent intervals.
- The access to the data would be discontinued when the data is no longer required.
- For Egg. Employee should not be given access to previous year’s data of client.
- Use of Information by each of the employees would be recorded.
- “Print” Option would be disabled for the users.
8. Audit of policies:
- Policies should be strictly followed.
- The policies would be handed to the employees to ensure that they are aware of the information security policies.
- Timely review of policies would be done.
- Timely IS audit would be done in order to ensure its implementation.
- Full time person should be there for the vigilance of the activities in order to prevent any wrong.