Security and Confidentiality
Security vulnerability assessments are performed annually on Forr’s external network connections.
The hardware-based security appliance has its own processor, embedded operating system and solid-state design. Offloading security processing to it delivers a more reliable system because the appliance operates independently of any individual computer or the LAN. This provides always-on security that does not depend on a desktop operating system or on user behaviour: a user cannot turn off a firewall service or disable virus protection on the appliance the way they can on their own computer.
Our updated network will deliver layered security: the appliance scans traffic for malicious content such as viruses, worms, Trojans and spyware, and administrators can configure policies that require every computer accessing the network to have current anti-virus and anti-spyware software installed and active as a condition of access.
We are further securing the network with a dynamically updated firewall that inspects all traffic crossing the network perimeter. The firewall is the first line of defense against attempts to enter the network through unmonitored paths; it is only a first line, and the traffic scanning and access policies described above still apply behind it. The firewall also generates summaries of the kinds and amounts of traffic passing through it and of attempts to break into the network, and it protects the local network against unauthorized access from outside.
Forr’s IT administrators will stay up to date with new tools and technologies and continue to bolster the security of our network. An annual performance and security check will be performed on the network and all connected devices.
The security appliance also generates a one-time password that is required at login in addition to the user's username and password. This tokenless two-factor authentication combines a unique one-time password with the user's network credentials, which protects against identity theft by key loggers: a captured username and password is not enough to log in, and a captured one-time password is useless once it has been used. After a user enters his or her regular username and password, the appliance generates a temporary one-time password and delivers it to the user. The user must enter this one-time password into the login interface before gaining full access to the applications behind the corporate network. To give this protection, the one-time password must be single-use and short-lived; it does not protect a session that is already authenticated on a compromised computer.
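The two-step login described above, as an added example that is not part of the original plan or the appliance vendor's code. It assumes an HOTP-style counter-based one-time password (RFC 4226) and a hypothetical in-memory user store; in the deployment described, the appliance would hold the OTP secrets and counters and deliver the code to the user out of band. The `begin_login` return value stands in for that delivery. The example shows the properties the text relies on: the code is issued only after the static credential checks out, it is accepted once, and it expires.

```python
import hashlib
import hmac
import os
import secrets
import struct
import time


def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226 HOTP: HMAC-SHA1 over the 8-byte big-endian counter, dynamically truncated."""
    digest = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = digest[-1] & 0x0F
    code = struct.unpack(">I", digest[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % (10 ** digits)).zfill(digits)


class OtpAuthenticator:
    """Two-step login: static credential first, then a single-use, short-lived OTP.

    Hypothetical in-memory store (an assumption of this example); the appliance
    described on the page would hold the OTP secrets and counters.
    """

    PBKDF2_ROUNDS = 100_000

    def __init__(self, otp_ttl: float = 60.0, now=time.time):
        self._users = {}    # username -> {salt, pw_hash, otp_secret, counter}
        self._pending = {}  # username -> (counter, expires_at)
        self._otp_ttl = otp_ttl
        self._now = now     # injectable clock so expiry can be tested deterministically

    def _hash_password(self, password: str, salt: bytes) -> bytes:
        return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, self.PBKDF2_ROUNDS)

    def enroll(self, username: str, password: str) -> None:
        salt = os.urandom(16)
        self._users[username] = {
            "salt": salt,
            "pw_hash": self._hash_password(password, salt),
            "otp_secret": secrets.token_bytes(20),  # per-user HOTP key
            "counter": 0,
        }

    def begin_login(self, username: str, password: str):
        """Step 1: check username/password. On success issue a fresh OTP and return it
        (the return value stands in for out-of-band delivery). Returns None on failure."""
        user = self._users.get(username)
        if user is None:
            return None
        if not hmac.compare_digest(self._hash_password(password, user["salt"]), user["pw_hash"]):
            return None
        counter = user["counter"]
        user["counter"] = counter + 1  # every issued code consumes a counter value
        self._pending[username] = (counter, self._now() + self._otp_ttl)
        return hotp(user["otp_secret"], counter)

    def complete_login(self, username: str, code) -> bool:
        """Step 2: accept the OTP only once, only before it expires, and only for the
        counter value issued in step 1. Any outcome discards the pending challenge, so
        a keylogged code cannot be replayed and a wrong guess burns the code."""
        pending = self._pending.pop(username, None)
        if pending is None:
            return False
        counter, expires_at = pending
        if self._now() > expires_at:
            return False
        if not isinstance(code, str) or not code.isascii():
            return False
        expected = hotp(self._users[username]["otp_secret"], counter)
        return hmac.compare_digest(expected, code)


if __name__ == "__main__":
    auth = OtpAuthenticator(otp_ttl=60.0)
    auth.enroll("alice", "correct horse battery staple")  # constructed sample user
    code = auth.begin_login("alice", "correct horse battery staple")
    print("issued OTP:", code)
    print("first use accepted:", auth.complete_login("alice", code))
    print("replay accepted:", auth.complete_login("alice", code))
```

A real deployment would add rate limiting on `complete_login` and a lockout after repeated failures; a six-digit code with no attempt limit can be guessed.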
Granular policy configuration controls enable network administrators to create policies that "lock down" a user to specific applications and resources and prevent users from viewing or using restricted network resources. A management interface allows the user policies to be configured, monitored and updated, and granular logging and reporting provide detailed insight into network activity. Instead of granting access to all networked resources and then paring it down, the appliance treats each network resource as an object and assigns users' access rights per object: a user is granted access only to the resources that have been explicitly assigned to them, and anything not assigned is denied. Access rights are therefore constructed bottom-up (resource by resource) rather than top-down (all resources, then exclusions), so a newly added resource is inaccessible until someone grants it.
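The bottom-up, object-based model above, as an added example that is not part of the original plan or the appliance's own policy engine. It is a hypothetical in-memory policy store: resources and users are plain strings, grants may be made to a user or to a group, and every decision is written to an audit list standing in for the granular logging the text mentions. A top-down deny-list policy is included alongside it to show the difference the text describes: a resource nobody has thought about yet is exposed under the deny-list model and inaccessible under the allow-list model.

```python
from collections import defaultdict


class AllowListPolicy:
    """Bottom-up, object-based access: every resource is an object, and a user may
    act on it only through an explicit grant to the user or to one of their groups.
    Anything not granted is denied."""

    def __init__(self):
        self._grants = defaultdict(set)   # (principal, resource) -> set of actions
        self._groups = defaultdict(set)   # user -> set of group names
        self.audit = []                   # (user, resource, action, decision)

    def add_to_group(self, user: str, group: str) -> None:
        self._groups[user].add(group)

    def grant(self, principal: str, resource: str, *actions: str) -> None:
        self._grants[(principal, resource)].update(actions)

    def revoke(self, principal: str, resource: str, *actions: str) -> None:
        """Revoke the named actions, or the whole grant when no action is named."""
        if not actions:
            self._grants.pop((principal, resource), None)
        else:
            self._grants[(principal, resource)].difference_update(actions)

    def _principals(self, user: str) -> set:
        return {user} | self._groups.get(user, set())

    def is_allowed(self, user: str, resource: str, action: str) -> bool:
        # Default deny: the decision is True only if some explicit grant covers it.
        decision = any(action in self._grants.get((p, resource), ())
                       for p in self._principals(user))
        self.audit.append((user, resource, action, "allow" if decision else "deny"))
        return decision

    def resources_for(self, user: str) -> dict:
        """What the management interface would list for a user: resource -> actions."""
        view = defaultdict(set)
        for (principal, resource), actions in self._grants.items():
            if principal in self._principals(user) and actions:
                view[resource].update(actions)
        return {r: sorted(a) for r, a in sorted(view.items())}


class DenyListPolicy:
    """Top-down model the plan rejects: everyone sees everything except what is excluded."""

    def __init__(self):
        self._denied = defaultdict(set)  # user -> set of resources

    def deny(self, user: str, resource: str) -> None:
        self._denied[user].add(resource)

    def is_allowed(self, user: str, resource: str, action: str) -> bool:
        return resource not in self._denied[user]


def demo() -> dict:
    """Constructed sample: the same user under both models, then a resource added later."""
    allow = AllowListPolicy()
    allow.add_to_group("alice", "finance")
    allow.grant("finance", "share:finance", "read", "write")
    allow.grant("alice", "app:payroll", "read")

    deny = DenyListPolicy()
    deny.deny("alice", "share:engineering")

    # "share:hr" is created without anyone revisiting alice's rights.
    return {
        "allow_new": allow.is_allowed("alice", "share:hr", "read"),
        "deny_new": deny.is_allowed("alice", "share:hr", "read"),
    }


if __name__ == "__main__":
    print(demo())  # the allow-list model denies the new share, the deny-list model exposes it
```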
Security of the Equipment
Equipment siting and protection: The network equipment and devices in our facility are appropriately secured. Information processing equipment is handled carefully, and access to the location of network devices is restricted to the minimum number of people who need it. We have taken action to minimize the risk of natural disasters such as fire, flood and chemical spills, and the risk of theft.
Power supplies: Information processing will come to a halt in the absence of a suitable power supply so Forr’s has taken appropriate measures to prevent this from happening, including:
1. Taking power from multiple feeds of electric supply.
2. If all the electric feeds fail simultaneously, Forr's has an uninterruptible power supply (UPS) with adequate battery capacity to sustain the load.
3. Emergency lighting is properly installed.
Cabling security: Forr's keeps schematics of the power and communication cables on the premises. Physical inspection is done on a regular basis to assess the protection needed against damage, interference or interception.
Forr's has established, and continues to refine, best practices for laying network and power cables, and ensures that these practices are actually implemented.
Equipment maintenance: Due care is taken with equipment maintenance and proper records are kept, including a record of faults that were noticed and a record of all equipment sent off the premises for maintenance.
Security of equipment off premises: The shrinking size of computers and the expansion of wide area networks have made computer equipment extremely mobile, and securing these devices is important to Forr's. Policies include administrative controls such as permissions and a corporate policy on the use of mobile computers in places like airplanes; physical controls such as securing devices with security cables and alarms and storing them in non-obvious places; access control devices such as USB tokens; and adequate insurance cover.
Secure disposal or re-use of equipment: Storage devices and their memory must be disposed of properly. Every such device will be thoroughly erased and overwritten to destroy the data. Overwriting is reliable for magnetic disks but not for flash-based media such as solid-state drives and USB sticks, where wear levelling can leave copies of data in blocks the overwrite never reaches. It may be desirable to physically destroy media containing top secret information, and physical destruction is the safer choice for flash media in any case.
Secure Behaviour
Clear desk and clear screen policy: If an assignment or document set is classified as sensitive and has confidential status, the "clear desk and clear screen" policy applies to give the information further protection. The following guidelines are issued to staff dealing with sensitive documents:
Lock up all documents and media when not used.
Protect computers and terminals with key locks, passwords and password-protected screen savers.
Fax and telex machines used for confidential information must not be left unattended.
Access to photocopiers and scanners is restricted after office hours.
Printing of classified information should be supervised and all printouts must be removed immediately.
Removal of property: Any movement of equipment, information or software requires proper authorization. All such movements are logged and records are maintained for all outgoing and incoming items. Employees are made aware that spot checks will be carried out to ensure full compliance.
Forr’s understands the importance of security in business. We have secured the following areas. Perimeter security: network applications are protected from outside attack by firewall technology and intrusion detection. Communication security: data confidentiality and integrity are provided by VPN, and secure networking extends this by protecting the underlying infrastructure from attack. Platform security: each device is kept available to perform its intended function so that it does not become a point of failure in the network; the security plan includes anti-virus checking and intrusion detection. Access security: each user has access only to those network elements and applications required to perform her job. Physical security: the network is protected from physical harm or modification by locked doors and alarm systems.
Forr’s has incorporated people and processes into its security planning through security policies (Forr’s can supply our Security Policy Handbook on request), security awareness training and enforcement of the policy, which together make the security program stronger. The people who use the network must understand and adhere to the security policies. Forr’s IT administrators will stay up to date with new tools and technologies and continue to bolster the security of our business’s data, and employees will be vigilant in protecting sensitive data. Forr’s now has a written security plan, which is given to each employee with the emphasis that it will be enforced.
Physical Security
Physical entry controls: Forr’s has ADVENT Security installed on all entry points into the building. All doors are equipped with an alarm which is set daily after the last shift. Only Forr’s staff know the keycode to enter the building, and the last person to leave always arms the building. Only the owner of the company, the Vice President and the Operations Manager have the password to disable an alarm.
Securing offices, rooms and facilities: Forr’s Keypunching currently uses the most common physical security control for its secure rooms, traditional lock-and-key access. Individuals who need access to certain rooms or buildings are given keys for access.
Working in secure areas: Staff working in secure areas are selected for trustworthiness, competence and awareness of their responsibilities. They are handpicked and trained, and their duties are carried out under strict supervision. Third-party personnel are granted only restricted access.
Backups
Data files are backed up on a daily basis. Incremental backups are performed every day at the end of the 1st shift.
Full backups are performed twice a month.
All data files are included in the backup unless client requests that they are not.
The backup tapes are archived for 2 years.
Hardcopy documents can be archived at the customer’s request. We have a destruction service through which documents are double-shredded and disposed of. Documents can also be returned to the client at the completion of a project.
There is no intention to work with any other company or business partner on this project.