Data and Security

Data and Information Security

NEXT BPO takes security and confidentiality of client data and information very seriously and that is why we have implemented stringent security safeguards and processes for every information touch-point. Since our processes are clear and well-defined, we are able to immediately detect and handle any information breach.

Our security process comprises of four stages: Planning, Protection, Detection, and Response. These four stages drill down to all security aspects related to People, Technology, Physical, and Network infrastructures.

People and Culture

  • Adequately trained teams which understand clients' security requirements.
  • Legally binding confidentiality agreements for all staff members.
  • Information is shared only with people involved directly in the project, on only need-to-know basis.
  • NEXT BPO ensures staff's awareness and sensitivity towards security issues and imparts special training for clients where additional security is required.

Technology

  • Technology-driven detection systems to ensure complete data security.
  • No external drives on the systems to prevent data theft by the staff.
  • Back-Up Drive Management for all workstations with restricted print permissions to prevent misuse.
  • Well-maintained audit trails for all our system activities including internet usage.
  • Network and Windows Login, PC "locking" and secure email with digital signatures.
  • Single sign-in to enterprise and desktop applications.
  • 100% redundancy for business continuity.
  • Power redundancy through power failover system, UPS and power generators.

Physical Security

  • Security personnel man our centers 24/7.
  • Stringent electronic smart card access control for all employees/visitors who enter our premises.
  • Additional access control devices and CCTV monitoring systems to restrict un-authorized entry into our centers.
  • Fire prevention and disaster evacuation plans and procedures for minimum damage.

Network Security

  • Totally secured VPN Network with FORTINET VPN Tunnel to Client, to block all Peers from Peeping in.
  • Secured CISCO managed switches and Fortinet Network Assistant optimized for LAN along with Fortinet Firewall to block all ports for HTTP, FTP, TCP/IP, UDP and even ICMP.
  • Facilities for administrative monitoring, auditing and reporting to secure data at every stage.
  • No hardware resources available on the network.
  • Workstations and networks are secured by anti-virus, anti-malware, anti-phishing, spam blockers, URL filters, and other standard protections.

Security Management Process

Plan

  • Systems
  • Process
  • Training
  • Documentation
  • Awareness

Protect

  • Identification
  • Authorization
  • Confidentiality
  • Integrity
  • Enforcement

Detect

  • Accountability
  • Audit
  • Intrusion Detection
  • Non Repudiation
  • Availability

Respond

  • Triage
  • Recovery
  • Reliability
  • Corrective Action
  • Improvement