One Standard of Security.
Our commitment to security is built on a single, robust framework of minimum control requirements. This unified standard governs our internal operations and is a mandatory requirement for every supplier and partner in our ecosystem.
Our Unified Security Framework
We adhere to and enforce a comprehensive set of controls across our entire organization and supply chain.
Governance, Risk & Compliance
Our Information Security Program is aligned with industry frameworks like NIST and COBIT, with annual risk assessments, continuous control validation, and ongoing security awareness training for all personnel.
Data Protection & Privacy
All confidential information is protected by industry-standard cryptography, both in-transit and at-rest. We employ Data Loss Prevention (DLP) solutions and robust cryptographic key lifecycle management to safeguard sensitive data from exfiltration.
Identity & Access Management
Access is governed by the principle of least privilege and "need-to-know." We enforce multi-factor authentication for all external connectivity and privileged access, utilize unique IDs, and have a documented process for managing and recertifying all user access.
Secure Operations & Engineering
We follow a secure SDLC, maintain hardened security configurations, and run a comprehensive vulnerability management program, including regular scans and penetration tests. All systems are protected by malware prevention and intrusion detection systems.
Business Resiliency
We maintain and regularly test comprehensive Business Resiliency and Disaster Recovery plans. Our recovery strategies are designed to meet defined RTO/RPO objectives and address disruptions to staff, sites, applications, and critical third parties.
Supply Chain Security
Security is a shared responsibility. Every third-party supplier must contractually adhere to our Minimum Control Requirements. We identify, assess, and monitor our subcontractors to ensure our security standards are maintained across the entire service delivery ecosystem.
Have questions about our security?
We are committed to transparency. For more detailed information about our security program and control requirements, please reach out to our team.