CompuPacific featured by Forbes.com
01 February 2008
CompuPacific named in Top 100 global service provider list
Security
We take security seriously and are ISO 27001 (BS7799) certified. We have good practice in terms of:
- Physical security
- Human resource practice
- IT systems
Data protection
CompuPacific understands the critically and sensitivity of your data and places the highest value its security. We continually review our security policies, training and technology to comply with international standards including the UK’s Data Protection Act and the European Union’s Directive 95/46/EC.
To allay your data security concerns, CompuPacific controls risk in several ways:
- Secure, guarded and monitored production facilities
- Access controls to images and data on network servers
- Careful monitoring and restrictions to access the Internet, email, the internal network and files (password and login/logout procedures)
- Isolated networks and partitions for customer specific operation and data segregation
- State of the art firewalls, anti virus, and intrusion detection, with regular updates of all patches and versions
- Document and data transfer through Virtual Private Network (VPN) or encrypted transmissions
- Backup and disaster recovery procedures to avoid data loss and minimise downtime
- Routine destruction of documents and data after customer confirmation
- Background checks on all personnel.
- Security training and awareness program, and signed confidentiality pledges for all employees
Furthermore, each CompuPacific operation centre is housed in a secure building. Access to offices is restricted and monitored by company personnel. Computers are strictly controlled and monitored and do not include equipment for downloading or copying data. We never use portable production equipment.
Network resilience
CompuPacific's network is designed to provide redundant internal protections and to allow secure communications with clients and vendors.
The backbone is Internet Gateway Architecture that connects resources while maintaining an acceptable level of security and functionality. An additional level of protection is in place as a safeguard against any internal security compromise. Internal firewalls protect all key servers and VLAN settings separate segments on the same network within our organisation.
Essential security components of CompuPacific's network include:
- Policy and Procedures
- DMZ
- Firewalls
- Switches
- Host Operating System Hardening
- Security Monitoring
- Vulnerability Assessment
- Availability
- Ability to maintain a certain rate of uptime on all established services
- Timely replacement of any failed component
Additional controls exist at each layer that provides security functionality, such as:
- Encryption
- Remote Access Restrictions
- System Access Control and Auditing
- Application Access Control and Auditing
Internet access assurance
Six high-speed Internet services connect CompuPacific to the world. All lines are provided by different independent vendors to assure reliability through redundancy.
Disaster Recovery
CompuPacific delivery centres all have Uninterruptible Power Supply (UPS) and backup generators. In case of a serious incident, CompuPacific's Incident Response Team will follow a disaster recovery plan to restore production within the shortest possible time. Several off-site facilities may be used to recover production if the main facility is unavailable.
In the event that the full production area and data centre are unusable, production can be recovered in 6 to 12 hours at four pre-selected off-site locations.
Furthermore, CompuPacific also maintains working arrangements with other IT-enabled service providers in other parts of the world. In the event of an international episode or serious Internet interruption, we are capable of rerouting projects to partners without workflow disturbances.