MicroSourcing recognizes that data security and intellectual property protection are some of the primary concerns of our clients.
We have put an extensive range of measures in place to keep our client's and employee’s data safe and secure. We have a dedicated team in place responsible for our compliance, business continuity and information security. A large component of data security for MicroSourcing is our ability to customize the following risk mitigation measures to comply with the needs of our clients as required.
Compliance with international standards
MicroSourcing is ISO-certified are capable of hosting and managing HIPAA and PCI-DSS-compliant operations.
ISO 27001 CERTIFICATION
Certifies that we can expertly establish, implement, maintain and continually improve an information security management system within an organization, including the assessment and treatment of risks.
ISO 9001 CERTIFICATION
Certifies that we can consistently provide services that meet customer, statutory and regulatory requirements.
Certifies that we have all necessary physical, network and process security measures in place to protect sensitive patient data.
Certifies that we maintain a secure environment for accepting, processing, storing and transmitting credit card information
Our ISO certifications are audited yearly by SGS, an internationally renowned and recognized auditing firm. Our clients in the financial and medical industry conduct their own annual audits for the PCI-DSS and HIPAA compliance of their offshore operation at MicroSourcing using both internal and external auditors.
IT data privacy and standards
As our employees work on-site and are sometimes required to work remotely due to unforeseen economic events or at the client’s request, all of our workstations are fully customizable with the following IT security features:
Disablement of USB ports and optical drives.
Server options for VLANs, physically segregated network partitions and MPLS links.
Unified threat management devices with fully adjustable data and content filtering.
Symantec End Point Protection with a central management server.
Fully redundant network infrastructure with automatic fail-over.
Data-secure working environments
All our offices are located in private compounds with all access points and roads guarded by security cameras and security guards. Our office buildings have their own security guards and strict protocols for the delivery and extraction of assets and entry of people.
Private security guards operate our front desk and monitor the security cameras we have installed all over our offices.
Special work floors to prohibit personal belongings and electronics.
Access doors are controlled by network-driven proximity card devices.
Offices fit with sprinklers and central fire detection panels.
Business continuity and disaster recovery management
Because the Philippines is exposed to a number of typhoons each year, every MicroSourcing facility provides 100% infrastructure redundancy and world-class business continuity processes. We have 35 dedicated IT staff and 24/7 IT support on-site with MCP, CCNA, Network+ AND Server+ certification to keep our client’s operations up and running.
98% uptime guarantee (SLA)
Multiple internet connections
from tier-1 providers
Human resources-related policies
During the hiring process, our talent acquisition teams follow specific screening protocols to ensure our employees are fit to work.
Hiring stage employee third-party background investigation.
Candidate clearances from neighborhood councils and the National Bureau of Investigation (NBI).
Employment contracts clauses can include NDAs and non-competes.
Offboarding process includes the deactivation of employee accounts, access passwords and proximity cards.
Customization and cooperation on data security
We work closely with our clients to ensure a safe data flow between our client’s domestic operations and their MicroSourcing team in the Philippines. Our clients are free to provide us with their own security protocols which they can ask us to replicate for their offshore operations. The key takeaway is that we are highly experienced in data security and can customize each of our clients’ data security environments.