Data Security Measures

Physical Security

  • We have installed an access control system at our workplace’s entrance to enable only authorized personnels to the workspace
  • Screening of visitors and employees by a security guard (including in night shift) during entry and exit for data storage media like USB drives, SD cards, memory cards etc.
  • No cameras, camera phones and digital recording media allowed in sensitive processes or sections of our premises
  • Entire work floor area is covered under CCTV security cameras. The feed is monitored by IT and administration department on a regular basis
  • Building awareness in the employees regarding “Phishing Attacks & Scams”
Policy Backed Security for outsource accounting services

Policy Backed Security

  • Our organization adheres to a privacy and data security policy, developed in consultation with outsourcing experts. This is clearly discussed with existing and new staff to ensure complete understanding and compliance
  • Employees sign non disclosure agreements (NDA) with stringent data security clauses, punishable under Indian laws including Information Technology Act, 2000
  • Complete background checks for employees including references from past employers, registrations with nearest police station and family background check
  • Most of our employees have prior outsourcing experience, and are familiar with the strict data security policies of an outsourcing firm
Data Security for outsource accounting services

Data Security

  • Emails are monitored and protected through Microsoft 365 and Intune. Multi-Factor Authentication (MFA) and frequent password changes ensure mailbox access is limited to authorized personnel only.

  • Email servers are secured using Microsoft Defender, Sophos Endpoint Protection, and Microsoft Intune Data Loss Protection (DLP).

  • Access to all data is protected through 256-bit SSL encryption, ensuring secure data transmission.

  • Comprehensive security audits are conducted regularly to assess and strengthen system defenses.

  • We are actively moving toward a paperless environment, supporting both environmental sustainability and enhanced data security.

  • We adhere to globally accepted Data Retention, Backup, and Data Deletion Policies, ensuring responsible data lifecycle management.

  • We consistently maintain a high Microsoft Secure Score, reflecting our strong security posture, effective risk management, and adherence to best-practice controls.

Network Security for outsource accounting services

Network protection is maintained through Sophos Firewall and Microsoft Defender for both server and client-level security, defending against viruses, worms, and other malicious attacks. Segmented LAN architecture ensures controlled data flow and internal containment of potential threats. Multiple client-level access restrictions are enforced to limit data exposure. Data Classification and Handling Our departmental and office networks are securely segmented to contain potential threats and minimize the impact of any security incident. All data is classified under clearly defined categories to enable strict information flow controls and prevent unauthorized access. We ensure end-to-end encryption across all storage and transmission layers for comprehensive data protection. Advanced logging and monitoring tools are deployed to detect, flag, and respond to any policy violations or anomalies in real time.

Network Protection

  • Network protection is maintained through Sophos Firewall and Microsoft Defender for both server and client-level security, defending against viruses, worms, and other malicious attacks.
  • Segmented LAN architecture ensures controlled data flow and internal containment of potential threats.
  • Multiple client-level access restrictions are enforced to limit data exposure.

Data Classification and Handling

  • Our departmental and office networks are securely segmented to contain potential threats and minimize the impact of any security incident.
  • All data is classified under clearly defined categories to enable strict information flow controls and prevent unauthorized access.
  • We ensure end-to-end encryption across all storage and transmission layers for comprehensive data protection.
  • Advanced logging and monitoring tools are deployed to detect, flag, and respond to any policy violations or anomalies in real time.
PC Security for outsource accounting services

PC and Shared Workspaces Security

  • OHI is fully on Office365 Platform
  • Individual domain accounts for each processor ensures that the access to source documents is restricted to authorized employees only
  • PCs used by processors have disabled USB and CD ROM drives
  • Users are not permitted to utilize personal email accounts. Access to a variety of websites is limited and monitored
  • Shared WorkSpaces such as OneDrive have restricted access to just the assigned teams only
Business Continuity

Business Continuity

  • We maintain a robust Business Continuity Plan (BCP) to ensure uninterrupted delivery of critical services, even during unforeseen disruptions.

  • Key operational processes are mapped, prioritized, and supported with redundancies across infrastructure, personnel, and supply chains to maintain resilience.

a close-up of a server

Disaster Recovery

  • Our Disaster Recovery Plan (DRP) includes rapid failover capabilities, ensuring minimal disruption in the event of system failure or cyber incidents.

  • We conduct regular simulations and testing of our recovery procedures to validate readiness and reduce downtime during actual emergencies.

a white paper character on a keyboard

Mail Backup

  • We implement automated daily backups of all corporate emails to ensure data integrity, retrieval, and compliance with regulatory requirements.

  • Backup systems are secured with encryption and stored in geographically redundant locations, ensuring email data is protected and quickly restorable when needed.

Certificates And Memberships