Security

BMC SAAS places paramount importance on security, collaborating with several IT firms to safeguard all client information and data. We have a dedicated IT expert from their firm stationed at our office full-time. To ensure stringent quality control, we conduct regular training sessions and audits. Our internal auditors meticulously assess the efficiency and effectiveness of our procedures, making revisions as necessary. Additionally, our quality management system undergoes validation by third-party auditors to align with our business objectives.

We prioritize client data security and confidentiality at BMC SAAS. Since our inception in 2016, we are proud to report zero data breaches.

BMC SAAS security guidelines:

Data access is restricted to authorized users only
All methods of data transfers to external sources are controlled
Removable storage devices like pen drives, smart phones, etc are blocked on workstations
Access to Internet sites (email, ftp, online storage etc) is blocked by use of industry class firewall device

All workstations are protected by enterprise level Antivirus solution, which is continuously updated.
All operations areas are protected by magnetic door locking mechanism with access only to department members.
All main doors are manned by security officers with 24*7 CCTV camera monitoring
Users are periodically made aware of IT policies and security measures

Security Policy

Password Protection

Our password-protected logins restrict access to registered users only. User passwords are encrypted in our SQL database, and we maintain logs of all users accessing the system.

Non-Disclosure / Confidentiality Agreements

All employees sign non-disclosure and confidentiality agreements. They are bound by these agreements and are prohibited from sharing information from engagements with anyone, including co-employees, unless it is related to the preparation of the engagement. Information sharing between preparers and reviewers is only allowed through their direct supervisors.

Secure Service Centers for Financial Services Outsourcing

We implement a comprehensive service center security policy to ensure secure financial services outsourcing. Our security measures include:
Restricted physical access to processing and server environments.
A paperless system to prevent data removal from the facility.
Virtually restricted internet access on operational computers, with data retrieval and transmission supervised by the project manager. Computers without media drives ensure files cannot be copied, and Outlook is removed from all PCs.

Physical Security

A security guard is present at the entrance.
Access to the server room requires an access card and is restricted to dedicated employees assigned to outsourced activities.
Returns are prepared in a paperless environment, with no source documents, accounting data, or tax returns printed.
Printers are limited to producing management reports only.

Personal Belongings

Briefcases, bags, and other personal belongings are not allowed in the service center.
There are no removable media devices, and PCs do not have floppy drives or CD/DVD R/W drives.

Our stringent security measures ensure the highest level of protection for your financial data. If you have any questions or concerns about our data security policies, please feel free to contact us.

Security Tools

Security measures are integral to BMC SAAS's commitment to safeguarding client information, maintaining operational integrity, and upholding the highest standards of data security and privacy.

Boundary firewall & gateways

Implemented to control and monitor incoming and outgoing network traffic, ensuring unauthorized access is prevented at the network perimeter.

Secure configuration

Ensures that all systems and devices are configured securely according to best practices and security standards to minimize vulnerabilities.

Access control

Strict measures are in place to manage and restrict access to systems, networks, and data based on user roles and permissions, enhancing overall security.

Malware protection

Utilizes robust software and protocols to detect, prevent, and remove malicious software threats such as viruses, ransomware, and spyware.

Patch management

Regular updates and patches are applied to systems, applications, and devices to address security vulnerabilities promptly and mitigate risks.

Security

BMC SAAS security guidelines:

Security Policy

Password Protection​

Our password-protected logins restrict access to registered users only. User passwords are encrypted in our SQL database, and we maintain logs of all users accessing the system.

Non-Disclosure / Confidentiality Agreements​

Secure Service Centers for Financial Services Outsourcing​

We implement a comprehensive service center security policy to ensure secure financial services outsourcing. Our security measures include:

Restricted physical access to processing and server environments.

A paperless system to prevent data removal from the facility.

Virtually restricted internet access on operational computers, with data retrieval and transmission supervised by the project manager. Computers without media drives ensure files cannot be copied, and Outlook is removed from all PCs.

Physical Security​

A security guard is present at the entrance.

Access to the server room requires an access card and is restricted to dedicated employees assigned to outsourced activities.

Returns are prepared in a paperless environment, with no source documents, accounting data, or tax returns printed.

Printers are limited to producing management reports only.

Personal Belongings​

Briefcases, bags, and other personal belongings are not allowed in the service center.

There are no removable media devices, and PCs do not have floppy drives or CD/DVD R/W drives.

​ Our stringent security measures ensure the highest level of protection for your financial data. If you have any questions or concerns about our data security policies, please feel free to contact us.