We at C&R are sensitive to our customers’ concerns and ensure complete confidentiality and privacy with respect to data/information that is provided to us by our customers. We conform to the industry’s best security practices relating to data security and privacy. Our delivery centre is ISO 27001:2013 certified by TÜV Rheinland and our GDPR compliance is monitored by DataGuard as our DPO.
C&R Key Security Objectives
- Establish Robust Process and Procedures
- Effective Surveillance and Monitoring
- Obtain Validation from Credible Independent Agencies
C&R Security Strategies
- Maintaining Data Protection and Privacy of Data Subject
- Preventing, Deterring and Eliminating Misuse and Fraud
- Adhering to Service Level Agreements
C&R Security Methodologies
Access Control
- Secure access to the premises through biometric access
- Secure access to work area through biometric access
- No access to data and client’s computers from outside the secure room
- All-round surveillance through CCTV
- Restricted access to computers and data
- Restricted use of emails and internet
- Secure access to data
- No permission to carry any external media into the secure work area
Technology Practices
- Robust servers with state-of-the-art backup, antivirus and update procedures
- Robust firewall to prevent external access and hacking
- Periodic vulnerability tests to test firewall efficacy
- Regular backups to prevent data loss
- Encryption of data
- Clear desk policies
- Disabling all external drives / media to prevent copying, printing and transferring the data
Management Practices
- Detailed processes and procedures with the help of industry experts
- ISO 27001:2013 by TÜV Rheinland
- Regular training to staff on security procedures
- Regular monitoring of compliance
- Effective screening of employees during recruitment
- Experienced and skilled IT maintenance
- Signed contracts and NDAs with employees and users as a strong deterrent
Compliance & Certification
ISO 27001:2013 specifies the requirements for establishing, implementing, maintaining and continually improving the information security management system within the organization. Maintaining the Confidentiality, Integrity and Availability of client data is essential. Certificate issued by TÜV Rheinland.
The General Data Protection Regulation (GDPR) lays down the rules relating to the protection of natural persons' data while personal data is processed, and to the free movement of personal data. The initial GDPR guidelines were for the European Union and its member states, and the UK later created the Data Protection Act in 2018. DataGuard is our DPO in the UK.