Bg

SECURITY & IT INFRASTRUCTURE

We comply with the global standards of information security and data protection

security

Global Standards of Information Security and Data Protection

GDPR

GDPR

We are fully compliant with the General Data Protection Regulation (GDPR), the European Union’s benchmark legislation for data privacy and protection. This compliance ensures that we uphold the highest standards in handling personal data—covering data collection, processing, storage, and disposal. Our practices are designed to safeguard individual privacy rights, maintain transparency, and ensure accountability across all our operations involving EU data subjects.

ISO 27701 Blue

ISO 27701 Certified Company

We are an ISO 27701 certified. The ISO 27701 is the international standard for privacy Information management system. It is a privacy extension of ISO 27001. This is an internationally recognised framework that helps organizations show accountability while managing risks around personally identifiable information.

iso 27001

ISO 27001:2022 Certified Company

We are an ISO 27001:2022 certified company. The ISO 27001:2022 is the international standard for ISMS – Information Security Management System. This certification ensures that we meet the required standards for information security policies, physical security, environmental security, asset management, compliances and a host of other standards that we use to establish, implement, maintain and continually improve the information security management system.

iso 9001

ISO 9001:2015 Certified Company

We are an ISO 9001:2015 certified company. The ISO 9001:2015 is the international standard for quality management system. This certification ensures that we meet the required standards for customer focus, leadership, people engagement, process driven approach, process improvement, evidence-based decision making and relationship management in all our core functions.

Security Measures

Our security standards and protocols ensure that we can mitigate security threats and vulnerabilities

  • Best-in-class infrastructure deployment
  • Industry best standards of security
  • Continuous review and improvement

Physical Infrastructure

We adhere to some of the most rigorous infrastructure procedures to ensure utmost security

infastructure

Dedicated Infrastructure

Fixed office and workstation for every employee

access

Access Control Systems

Designation-based employee access to each office floor

camera

Video Surveillance

24/7 surveillance by CCTV cameras

cellphone

Mobile Phone Restriction

No cell phones allowed on the floor

Fire

Fire Safety

Necessary fire safety equipment in place

IT Infrastructure

  • Latest configuration in desktops and other IT assets
  • Upgradation of computers and other equipment every 3-4 years
  • 100% uptime via dual leased line internet connections
  • Multiple backup systems through UPS (Uninterrupted Power Supply) and diesel generators
  • CloudPBX (Ring Central) for phone communication
  • 24/7 IT support and helpdesk management system
  • Communication software like Remote PC, Zoom, Go to Meeting, Microsoft Teams etc.
  • Taxation software like Drake, ProFx, Pro Series, Lacerte etc.
  • Accounting software like QuickBooks Desktop, QuickBooks Online, XERO, SageIntacct etc.
Programmer

Network Infrastructure & Security

  • Disabled DVD drives & external drives
  • Star topology network
  • Secured workstations with password
  • Mandatory password change policy after 30 days
  • Clear desktop/desk policy implementation
  • Limited access to communication channels such as chat tools, public emails etc.
  • Periodic audits for threat determination and threat mitigation
  • Centralized data storage
  • Content filters and anti-virus network perimeter
  • IDS/IPS monitoring for network perimeter
  • Data loss prevention
Digital Globe

Audits

  • Network scan and penetration test
  • Email monitoring by compliance officer
  • Single time source and unified logging of events
  • Vulnerability process audits
  • External audits
  • Application audits
Audits

Security Control Policies

SSL VPN for employees who work from home

Firewall with content and website filters

Password protected systems

Group email ID by client

Folder access rights to client specific teams

Secure internet browser through anti-virus & firewall

Whitelist domain – only authorized person can send email(s)

No USB access or cell phone access

No access to office Wi-Fi on private cell phone

Access to Client’s Data and Server

VPN

Access to client’s server in secured environment through VPN / secured RDP / Citrix

Access to client’s data only to the users working on client’s account

User rights are defined based on their designation

Password protected accounting system

Role-based accounting system rights

Access to dedicated group e-mail ID, fax number or secured FTP to share documents

Data Security Measures

data security

Strong Passwords

Strong password protocol through combination of capitals, lower-case letters, numbers and special character

Tough Firewall

Network protection via stringent firewall configuration that filters incoming and outgoing internet traffic

Anti-virus Protection

Anti-virus and anti-malware enabled company data protection. It neutralizes viruses, adware, worms, trojans and so on

Regular Updates

All computers are regularly patched and updated by a central server

Secure Every Device

Disk level data encryption and password restricted user access in all company devices

Scheduled Backups

Rigorous implementation of pre-scheduled data backup sessions

Knowledge Transition on Data Security

Regular employee trainings to increase data security awareness

PGS Security Program 
(Policies and Procedures)

Acceptable Use Policy

This policy specifies the constraints and practices that an employee must agree in order to use organizational IT assets and access the PGS network or the internet. It is a standard onboarding policy for new employees.

Access Control Policy

This policy defines employee access with regards to PGS data and information systems. It includes access control standards and implementation guides. The policy has standards for user access, network access controls, operating system software controls and complexity of passwords.

Change Management Policy

The policy refers to the formal process to make changes in IT, software development and security services/operations.

Information Security Policy

The information security policy covers a large number of security controls. It pushes employees to be accountable and follow the rules with regards to sensitive information and IT assets.

Incident Response Policy

This policy outlines an organized approach towards incident management and offers remedies for the operations.

Remote Access Policy

This policy documents and defines acceptable methods of remotely connecting to PGS internal networks.

Email Communication Policy

The email communication policy documents the employee usage of various electronic communication mediums defined by PGS.

Disaster Recovery Policy

This policy talks about the disaster recovery plan as part of the business continuity plan. In case of a disaster, the disaster recovery policy is initiated.

Business Continuity Plan (BCP)

The BCP policy describes the operation of PGS in an emergency situation.

Get in Touch

Seeking personalized support?

Request a call from our expert team

+44
Select a country
Select an option

Your data is secure with us