InfiGrowth

Security Measures Policy

Introduction

Infidigit Consultants Private Limited (“Infidigit”) is committed to protecting the security and confidentiality of personal data. This Security Measures Policy outlines the measures we implement to safeguard our systems, networks, and data from unauthorized access, use, disclosure, alteration, or destruction.

Security Principles

We adhere to the following security principles:

  • Confidentiality: Protecting personal data from unauthorized disclosure.
  • Integrity: Ensuring the accuracy and completeness of personal data.
  • Availability: Ensuring timely and reliable access to personal data.

Security Measures

We implement a variety of security measures to protect personal data:

Physical Security:

  • Access Controls: Restricting physical access to our facilities and data centers.
  • Surveillance: Using surveillance systems to monitor physical access to our facilities.
  • Secure Disposal: Implementing secure procedures for disposing of physical documents and electronic media.

Network Security:

  • Firewall Protection: Using firewalls to protect our network from unauthorized access.
  • Intrusion Detection Systems: Implementing intrusion detection systems to monitor network traffic for suspicious activity.
  • Secure Network Protocols: Using secure network protocols (e.g., HTTPS) to encrypt data transmission.
  • Regular Network Security Audits: Conducting regular security audits to identify and address vulnerabilities.

Data Security:

  • Data Encryption: Encrypting sensitive data at rest and in transit.
  • Access Controls: Implementing strong access controls to limit access to personal data.
  • Regular Data Backups: Regularly backing up our data to prevent data loss.
  • Incident Response Plan: Having a plan in place to respond to security incidents.
  • Regular Security Awareness Training: Providing regular security awareness training to employees.

Employee Training and Awareness:

  • Security Awareness Training: Providing regular security awareness training to employees to educate them about security best practices.
  • Background Checks: Conducting background checks on employees, especially those with access to sensitive data.
  • Employee Termination Procedures: Having clear procedures for terminating employee access to systems and data.

Third-Party Risk Management:

  • Vendor Risk Assessments: Conducting risk assessments of third-party vendors and service providers.
  • Contractual Safeguards: Ensuring that third-party contracts include strong data protection provisions.

Incident Response

We have an incident response plan in place to respond to security incidents promptly and effectively. This plan includes:

  • Incident Detection and Response: Detecting and responding to security incidents in a timely manner.
  • Incident Investigation: Investigating the root cause of security incidents.
  • Notification and Reporting: Notifying relevant authorities and affected individuals of security incidents.
  • Remediation and Recovery: Implementing corrective measures to prevent future incidents.

Regular Review and Updates

We regularly review and update our security measures to address emerging threats and vulnerabilities. We also stay informed about the latest security best practices and industry standards.