Pacific Global Solutions Limited is an ISO 9001:2015 certified company. The ISO 9001:2015 is the international standard for quality management system. This certification ensures that we meet the required standard of Customer focus, Leadership, People Engagement, Process driven approach, Process Improvement, Evidence-based decision making, Relationship Management in all our core functions.
Pacific Global Solutions Limited is an ISO 27001:2013 certified company. The ISO 27001:2013 is the international standard for ISMS – Information Security Management System. This certification ensures that we meet the required standards for information security policies, physical security, environmental security, asset management, compliances and a host of other standards that we meet for establishing, implementing, maintaining and continually improving an information security management system.
Our physical infrastructure set-up process ensures that we are able to achieve the following primary goals
Best-in-class infrastructure deployment
Industry best standards of security
Continuous review and improvement
We have implemented the below to meet our physical infrastructure objectives.
fixed office and workstation for every employee
Entry to every floor restricted only to employees stationed at the particular floor through biometrics access control
24/ 7 surveillance through CCTV cameras
No cell phones allowed on the floor. Cell phones stored in the lockers outside the office.
Access granted to team leads and above
Necessary fire safety equipment in place.
SSL VPN for Work From Home
Website Filtering, Content Filtering on Firewall
Systems are password protected
Group Email ID by client
Folder rights based on client allotment
Internet browsing restricted by firewall
Whitelisting domain – only authorized person can send out an email
No USB access or any other external drives
No office wi-fi access on cell phone
Access to Client’s server in secured environment through VPN / Secured RDP / Citrix
Access for Client’s data to only those users who are working on the client’s account
Restricted user profile for the users based on their roles
Accounting System access protected through password
Accounting System rights assigned as per the role of the users
Many of our clients prefer to send the documents to PABS team through dedicated Group e-mail ID, dedicated fax number or Secured FTP
This measure is to define strong password. Passwords are combination of capitals, lower-case letters, numbers, and symbols.
We have high availability of firewall to protect our network. Firewalls policies are configured to have complete control on incoming and outgoing internet traffic in our network.
Antivirus and anti-malware in place to protecting our company Data. It has strong capabilities to prevent, search for, detect and remove viruses but also adware, worms, trojans, and so on.
All computers are regularly patched and updated by centralized update server.
Laptops are portable so there is a higher risk that they can be stolen so we have disk level encryption across our devices to encrypt all the data. In doing so, without the right password, our computer’s Data is unreadable.
Schedule backups on defined frequency as per data backup policy.
We believe Prevention is the best way to keep our Data safe. We provide regular trainings to our employees about data security awareness.
This policy stipulates the constraints and practices that an employee using organizational IT assets must agree to in order to access to the PABS network or the internet. It is standard onboarding policy for new employees.
This policy is to define access available to employees in regards to PABS data and information systems. This Policy includes access control standards and Implementation Guides. This policy has standards for user access, network access controls, operating system software controls and the complexity of passwords.
PABS change management policy refers to a formal process for making changes to IT, software development and security services/operations.
PABS information security policies are typically high-level policies that covers a large number of security controls. This policy is designed for employees to recognize that there are rules that they will be held accountable to with regard to the sensitivity of the PABS information and IT assets.
The incident response policy is an organized approach to how the PABS manages incident and remediate the impact to operations.
The remote access policy is a document which outlines and defines acceptable methods of remotely connecting to PABS internal networks.
PABS email policy is a document that is used to formally outline how employees can use the business’ chosen electronic communication medium.
Disaster recovery plan as part of the business continuity plan. If the event has a significant business impact, the Business Continuity Plan will be activated.
BCP Plan describe how the PABS will operate in an emergency.