Consistent application of current anti-virus and encryption software; continuous system and data center monitoring to ensure compliance with security policies. We also conduct quarterly external vulnerability scans, an annual penetration test, and an annual gap/risk assessment.
Regular training and awareness programs focused on security and privacy to ensure workforce understanding and application of personal data protection best practices. We also enforce stringent privacy policies and governance standards for personal data treatment.
Locking doors and file cabinets, controlling access to our facilities, and the secure destruction of media containing personal information.