FISC Security


Security Program

Physical Security

  • Badge access to locked facilities.
  • Controlled access to all areas where confidential information is stored.
  • 24/7 fire and burglar alarm monitoring.
  • Camera surveillance throughout the operations facility.
  • Visitor sign-in, temporary badge, and escort while on site.

Data Security

  • Logical application and data access controls.
  • Regular and frequent penetration tests.
  • Information security program review by a third party.
  • Firewalls and IDS/IPS systems for intrusion detection and prevention.
  • Encrypted email exchange.
  • Real-time virus and malware scanning.
  • Ongoing patch and vulnerability management.
  • Data transmissions through encrypted channels.
  • 24-hour on-call access to IT personnel.

Cash Handling Security

  • All mail is opened within view of the surveillance cameras.
  • Dual access and sign-off controls.
  • Leading-edge "smart safe" to securely and accurately handle cash transactions.
  • The smart safe is the same type of currency counter used in the cash processing centers of banks and armored carriers.
  • The smart safe verifies the currency, checks for counterfeits, and automatically tracks the cash deposit.

Gramm-Leach-Bliley Act (GLBA) Privacy Compliance

  • Criminal background and consumer credit checks on all employees.
  • Signed confidentiality agreements with all employees.
  • Clean desk policies.
  • Mandatory annual security training for all employees.
  • Comprehensive GLBA Risk Assessment.
  • Multi-factor authentication of non-public client information.
  • Third-party confidentiality agreements.
  • Vendor review and management.

Compliance Programs

  • Extensive internal audit program.
  • Annual SSAE 16 (SOC 1) audits, formerly SAS 70 Type II audits.
  • Regulatory examinations by the FDIC and other governmental agencies.

Business Continuity Planning

  • Comprehensive contingency plan for all operational departments.
  • Annual testing program.
  • Regularly scheduled data replication to the recovery site.

Disaster Recovery Site

  • Data replication.
  • Internet services including web, email, and FTP hosting.
  • Remote access and other computer services.