What are the measures taken by CIBIL to ensure the security of Member's data?
The security of the Members' data is of paramount importance to CIBIL. CIBIL's security measures are aligned with global ‘best practices’, stringent risk management standards and are subject to regular audits by independent auditors. CIBIL has adopted state-of-the-art technology to provide information security. The important aspects are detailed below:
- Information in CIBIL database is accessed only on a strictly ‘Need to Know’ basis. For example, the access to the Data Center is available only to authorized personnel engaged in regular systems and database administration.
- Access control devices, surveillance cameras installed at strategic locations and biometric access system at the Data Center with the highest levels of security.
- Comprehensive perimeter security solution consisting of a Firewall, Intrusion Detection and Vulnerability Assessment System to secure the network infrastructure from external security risk.
- Installation of the following devices to deal with fire hazards:
- State-of-the-art (VESDA) smoke detection system to provide early warning and isolation of potential fire hazards.
- FM200 based Fire Suppression System to extinguish fire with minimal damage to the IT systems.
- Anti -Virus software installed on all servers in the Data Center. Security patches and necessary configurations are continuously applied to the Servers and Network appliances.
- 128-bit SSL encryption for all Web-based transactions including FTP.
- Cryptographic solutions for all information sent or received through any physical media i.e. CD, DAT and DLT.
What is encryption?
Encryption is technique used to mask proprietary information in order to prevent it from being accessed by unauthorized individuals. Only authorized individuals who have been provided with the appropriate decoding software can unscramble the information. Thus, encrypted information that it's Members provide CIBIL are extremely secure.
Posts
