|
|
|
 |
We understand the sensitivity and importance of the data our clients have entrusted in us, and we go to the farthest lengths to protect and ensure availability of that data. Above all else, data confidentially, privacy, security, and integrity are our top priorities.
All aspects of our technology and security procedures deliberately mitigate risk and introduce precautionary privacy and data security features.
IT Platform Independence
We do not believe in asking our clients to change or upgrade accounting systems or other applications in order to outsource. Instead, we take a technology independent approach and leverage our clients' existing investments in technology. By preserving our clients’ IT platforms we not only minimize write-offs of investments already made, but we also ensure that the outsourcing solution completely integrates with our clients technology and security requirements.
All transaction processing by our onsite and offshore professionals is done using our clients' existing systems. Our professionals connect directly to client applications maintained on our clients' servers, thus ensuring that data security is not compromised.
Our professionals are skilled in working with a range of technologies and are experienced on most major and middle-market ERP systems including Oracle, SAP, and Microsoft Dynamics, as well as complementary enabling technologies.
Privacy and Data Security
We take the greatest precautions to ensure privacy and security of data. Our employees abide by a number of physical and cyber security policies which work to ensure data is never compromised. For example, employees are dedicated to a single client, are granted access only to that client’s information, and are restricted from taking any and all data outside of the OPI-client production area. Our offshore personnel operate in a paperless work environment and from “dumb terminals” where web access has been severely limited and often completely disabled. Furthermore, cell phone, cameras, disk drives and other memory devices are never allowed on the production floor.
This commitment to preserving the confidentiality, integrity, and availability of client information is further attested to by our ISO 27001 and SAS70 Type II certification. These certifications ensure that OPI meets high standards in the following important areas:
- Confidentiality - ensuring information is accessible only to those authorized for access
- Integrity - safeguarding the accuracy and completeness of the information processing methods
- Availability - ensuring that authorized users have access to information and associated assets when required. All data remains on client servers which allows our clients to maintain control of sensitive and confidential information
- Control - validates the effectiveness of design and adequacy of implementation for data related internal controls
Disaster Recovery & Business Continuity
Not only are we committed to ensuring client data is protected and secure, but we also take great efforts to ensure availability of data and the continuity of client business. OPI’s BS 25999 certified disaster recovery and business continuity planning procedures outline protocol for ongoing operations of all devices, services, locations, and personnel. Key components include:
- All of OPI’s network links are protected by redundancies
- We maintain facility redundancy between three global service centers
- All system data is regularly backed up and stored in a remote location
- We regularly run test restorations to validate our data recovery procedures
Additionally, we work to integrate our disaster recovery plans with those of our clients. Our mutual plans take into account outages on either side, and ensure that communication and organizational plans are securely in place.
| |
|
|
|
|
