GoMunshi

Menu

Data Security

Data Security Is Key

We Focus And Invest On Data Security Given The Importance

As we recognize the sensitivity of the information shared by our clients, we understand the paramount importance of maintaining the confidentiality of their data. In today’s world, where data is synonymous with trust, its accessibility has increased exponentially, leaving it exposed to potential security risks.

To maintain the confidentiality and trust of our clients, we are compliant with the highest standards of data security and compliance norms (SOC 2 Type II) as per guidance issued by the American Institute of Certified Public Accountants (AICPA).

What is SOC 2 Type II?

SOC 2 Type II is a voluntary standard developed by American Institute of CPAs (AICPA), that lays out guidelines on how data should be managed and protected. It defines criterias for managing data based on below five principles:

  • Security
  • Availability
  • Integrity
  • Confidentiality
  • Privacy
Know More About SOC 2 Type II

Protocols Followed by GoMunshi

Physical Security

  • Our office premises are accessible only with access cards / badges issued to employees. We perform a cycle count to monitor issuance of these access cards.
  • The premises are monitored through high-definition CCTV cameras 24*7 for safety and security.
  • Production areas can only be accessed by staff. Any visitors are not allowed near workstations.
  • All confidential documents are stored securely with limited access.
  • All our hard-drives are encrypted so that data cannot be extracted just in case a team member loses a laptop.
  • All USB drives are disabled (except to allow for mouse, monitor, keyboard, etc. usage).

    • IT Control

  • We use Sophos firewall and end-point protection (anti-virus) to protect our network and endpoints. Any website, downloads, etc. that may be potentially risk are entirely off the grid.
  • All laptops are set up to time-out after a short duration of no usage to avoid unauthorized access.
  • Regular data backup is taken should there be a need in case of a disaster. Data backup is not done in case of using VDI (Virtual Desktop Infrastructure) environments.
  • Client information exchange is done through channels approved and discussed (e.g., MS-Teams, a particular location on client server, client email server, etc.).

    • Teaming With IT Experts

    We acknowledge the importance of having a trusted managed service provider for all our IT needs. We have partnered with a highly-qualified team of IT professionals who manage our data security and IT needs. A dedicated IT professional is also based in our office for any issues team members may have to avoid loss of any productive time.

    Tailored Data Exchange

    Information exchange with clients are through secure channels like VDI, etc. which are discussed at the time of client onboarding. Our team members follow these protocols diligently to avoid any information leakage.

    Third Party Background Verification

    All of our team members go through a third-party background check prior to joining. This check entails a third-party review of their education, employment, police verification and other criminal records.