Know More About Our Building And Infrastructure Controls
AI Workspace is housed in Globsyn Group’s state of the art infrastructure spread over 200,000 sqft of built up space with a team strength in excess of 1000+ Workers and boasts of a worthy SOC 2 ® certification. Developed by the American Institute of CPAs (AICPA), SOC 2 audit is based on the five “trust service principles”— security, availability, processing integrity, confidentiality and privacy.
Physical Infrastructure Controls
AI Workspace has designed and implemented stringent access controls to ensure only authorized users can obtain access to AI Workspace infrastructure.
Employee Identification: Workers have been issued photo Identification (ID) cards and are always required to carry and display within the premises. The ID card is checked at various security levels and checkpoints established within the premises.
Two-factor Authentication: All workers of AI Workspace can only enter the working premises after Two-factor authentication.
- Factor I – Physical facial recognition check by a security guard against their worker ID Cards
- Factor II – Biometric Authentication. No one is authorized to enter AI Workspace production/operation area and server room with any bag, paper or electronic equipment
Building Security: AI Workspace has clearly marked along the perimeter and at all entry points in the premises with signs indicating that ‘Access is restricted to authorized individuals only’. All entry points and critical areas are:
- permanently closed, or;
- staffed by Physical Security guards (24X7presence) /admin personnel and/or;
- monitored real time using CCTV cameras. To restrict entry and monitor movements to/ from the AI Workspace infrastructure
Biometric Access Control is installed at all critical entry points as identified in the facility plan. All the floors are staffed by a security guard at the front desk who monitors the movement. Admin Team and security personnel are trained to challenge any individual with suspicious movements/ without appropriate identification card in the premises. Critical areas are monitored using CCTV cameras on a continuous basis. CCTV recordings are retained for 30 days for need based analysis.
Visitor Management: Any visitor to AI Workspace needs prior approval by Admin Department before getting physical access to the project area. Visitors to the facilities are required to identify themselves at the security gate; in turn, security calls up the employee for authorization. All visitors’ entry into the premises is recorded in the visitors’ register. Further, to facilitate their movement in the premises, they are issued visitor cards and accompanied by an authorized personnel. Before entering the premises, visitors also have to go through a metal detector scan.
Surveillance: Security Guards are deployed on duty round the clock to carry out the facility surveillance. No loiterers are allowed inside the AI Workspace project area. Physical security guards and admin staff are trained to challenge any individual with suspicious movements or without appropriate identification cards in the project premises.
Access to Central Server Room: Only authorized personnel having appropriate business needs are granted access to the critical areas including server room, via Biometric Access Control. Combustible materials, food and drink are not permitted in the room. All visitors to the computer room are escorted by authorized personnel at all times throughout their stay. Each visitor must sign in and sign out in the entry register placed outside the computer room entrance.
Fire Detection and Prevention: AI Workspace project’s facility is equipped to be secured and protected from environmental threats and hazards. It has installed fire suppression and protection systems. In case of a fire, fire department will be dispatched upon confirmation from the admin team. Smoke detectors are installed in every room, server room, and hallways. Admin department has identified the critical areas and installed adequate fire suppression systems, viz., fire extinguishers, fire alarms and fire hydrant. Fire drills are carried out as per the defined periodicity to ensure that the users are aware of the procedures.
Information Systems Infrastructure Controls
System Access: All workers use a unique ID to access AI Workspace systems. Passwords are set in accordance with the Password Policy. Remote access to any AI Workspace systems is not allowed. System sessions automatically lock after 1 minute of inactivity. Privilege access rights to servers, databases, network, backup and storage devices and applications are restricted to limited AI Workspace (workers/ third party contractors) based on their responsibilities; by raising a change management request and obtaining an approval from relevant authorized personnel.
Network Security: AI Workspace maintains a secure network infrastructure through its Network Security Policy in order to protect the integrity and confidentiality of client and organization data and mitigate the risk of a security incident. The creation and management of all accounts and Access and maintenance of applications systems, network components (including routers, firewalls etc.), operating systems, virtualization components, hypervisors, or other information objects is restricted to authorized personnel only and are logged and reviewed on at least a quarterly basis.
Password construction for AI Workspace network devices are as per the Password policy and are changed after every 90 days. In order to guard against password-guessing and brute-force attempts, the Firm locks a user’s account after 5 unsuccessful logins. Logs of network devices are recorded, maintained, reviewed and retained. Network Vulnerability Assessment, Network Testing and Network Documentation is done on a periodic basis.
For internal Security against visit to harmful website / download of harmful applications, AI Workspace has implemented Firewall Policy. In case of outbound connections, only business specific outbound connections from workstations are allowed based on department-wise access control requirements. In case of URL and Application Filtering, only business specific URLs are allowed from workstations. No VPN connection is allowed on the network. All AI Workspace firewalls include intrusion detection systems approved by the SEG department. All firewalls are located in locked rooms accessible only to those who perform authorized firewall management and maintenance tasks approved by the SEG Department Head.
Antivirus System: For internal Security against possible virus / malicious malware attack, AI Workspace Anti-virus Policy exists which is designed to minimize the risk of a virus/malware infection, and what to do if they are encountered. The configuration standards, user responsibilities, exceptions and compliance non-conformance, procedure for handling suspected infections, etc. are all designed and implemented by the SEG Department through the Antivirus Policy.
Workstation Security: AI Workspace implements workstation security via active directory-based domain policy. The Active Directory configurations include aspects like the domain name, username format, password specifications, account and machine lock out timings, etc. Apart from this, local storage access, USB port, network sharing, web cam, Bluetooth, Wi-Fi and screenshots are all disabled/blocked. Firewall configurations include the list of all inbound and outbound accesses and blocks as per requirement.