No part of this document may be reproduced, stored in a retrieval system, distributed or transmitted, in any form, or by any means, electronic or otherwise, including photocopying, reprinting, or recording, for any purpose, without the express prior written permission of Next Gen Paper Solutions Pvt. Ltd., Gurugram, Haryana; hereinafter referred to as “NGPSPL”.
: For information requests or for obtaining permission for the use of this work, please submit a written request to: Sales & Marketing, Next Gen Paper Solutions Pvt. Ltd., Plot No - 424, First Floor Udyog Vihar, Phase-IV, Gurgaon (Haryana) - 122016 India.
S.no | Version | Date | Author | Approval by | Remarks | 1 | 1.0 | 30 November, 2018 | Nandita Saxena | Naresh Chand | Draft, Supersedes the earlier documented versions and updated with respect to current practices. | 2 | 1.1 | 07 February, 2020 | Nandita Saxena | Naresh Chand | Minor Changes - making it ready for implementation phase | 3 | 4 | 5 |
---|
Table of Contents |
|
1. Purpose | ..................................................................................................................................... 4 |
2. Policy | ..................................................................................................................................... 4 |
3. Data Security Safeguards at NGPSL: | ..................................................................................................................................... 4 |
4. Data and Information Security: | ..................................................................................................................................... 5 |
5. Employee Access Control: | ..................................................................................................................................... 5 |
6. Incident Reporting | ..................................................................................................................................... 5 |
7. References | ..................................................................................................................................... 5 |
Effective measures for data and information security are essential conditions for a reliable and unwavering outsourcing clients, partners, associates and employees. Aware of client concerns for data breaches and misuses; Next Gen Paper Solutions Pvt. Ltd., (NGPSPL) offers to make assured data and information security an integral component of outsourcing contracts to generate client confidence. Our stringent security policies fully compliant to project information criticality, pace, and scale of outsourcing aim at improving vendorclient collaboration, mutual trust, and ethical business practices.
We use a variety of technologies, data formats, and measures that eliminate the risk of information breaches, secure data from becoming privy to unintended recipients, and allow full control and use of data only for specified purposes. NGPSPL is also certified for ISMS (ISO 27001:2013) and maintains all processes and procedures laid down as per ISMS policy and procedure manuals. This document defines overlapping additional procedures and controls
NGPSPL is committed to ensuring that all data including employee data and data / documents from NGPSPL clients, secure at all times, and have implemented appropriate technical and organizational measures against the unauthorized or unlawful disclosure of such information, and so as to prevent its accidental loss, destruction or damage.
NGPSPL Information Security Policies includes the following features:
No content, images and / or software may be downloaded from this web-portal. To the extent necessary, NGPSPL declares that it holds exclusive and full proprietary rights to its content, images and / or software, and that it does not transfer these rights.
We have strict security practices at a number of levels to counter Information Systems and data security breaches. These are as follow:
We use Secure VPN and Network empowered with latest security upgrades. It helps to constantly supervise and overcome unwarranted accesses and firewall breaches. Secure Switches are installed to secure information transformation through reliable VPN Tunnel and block HTTP, UDP port, and other security threats.
Personal access to NGPSPL’s information systems will only be via a secure username and password. The username and password for each individual is unique and only allows access to their own personal information. Only certain authorized staff, who are required to have access to the personal information of other employees and client data for the purposes of their job role, will be authorized and will have the necessary access rights to do so. They will receive relevant training and will be asked to agree to abide by the terms of this Data Privacy and Protection Statement.
We restrict information inflow at various individual employee levels that prevent unauthorized access, data misuse, and information breaches. These include the following measures.
If an account or password is suspected to have been compromised, incident shall be reported through an Incident Management System and a consistent process shall be followed for identifying, reporting and investigating the issue until closure. All incidents are adequately documented along with its occurrences and mitigation techniques.