Security

SecureOne has extensive experience with
high-security applications.

SecureOne has extensive experience with high-security applications involving cash, checks and other sensitive personal information such as medical records, bank account information and social security numbers. SecureOne is ISO 17799 certified and is PCI compliant with Visa and MasterCard. ISO 17799 (replaced by ISO 27001) is a rigorous standard for physical security, data security and security policies and depending on the project, SecureOne has the following security precautions available:

Physical Security

  • Physically separate processing areas for key customers
  • Facility occupied 24 hours per day by employees or security guard
  • No camera phones in the processing area
  • Keypad or security badge restricts access based upon the employee job function
  • Lockbox area has a glass wall to create a “fishbowl” effect and has no exterior walls
  • Personal items are not allowed in secure processing areas
  • Tasks are assigned to multiple employees to minimize risk of fraud or theft
  • Security cameras with time lapse VCR or hard disk storage of video
  • Floor safe for document storage
  • Back up generator for electric outages
  • Documents kept in locked storage area

Data Security

  • Network servers are in a separate room with restricted access
  • The network server room has a dedicated HVAC system
  • FM200 fire suppression system in server room
  • Director of IT is SANS certified
  • Network access is password protected
  • Passwords must be changed every 60 days
  • Automatic network log off for inactive workstations
  • Access rights limited by employee job function
  • No diskette drives, USB ports or Internet access for computers in secure processing areas
  • Network and backup servers have RAID 5 configuration
  • Full weekly and incremental daily backup
  • Offsite storage of backup
  • Password protected FTP server
  • Encryption of data
  • Employees required to sign a non-disclosure agreement
  • National felony background check including the terrorist watch list for all employees
  • Social security number validation for all employees