Security Measures for Remote Working
The world is witnessing the impact of COVID-19 on all facets of life and across all industries, allowing them to embrace remote working practices.
Digital CPA Global is an initiative towards re-defining the IP category and delivering our vision for Frictionless IP by becoming a digital first organisation where we work remotely. During this time, it is of utmost importance for all our employees to maintain appropriate levels of security to ensure that the data of CPA Global (be it ours or the clients) is safeguarded.
CPA Global personnel are accountable for maintaining confidentiality, keeping information secure and considering the physical working environment when working remotely. The following measures have been adopted to guard against the risks associated with the remote working practices:
IT Infrastructure Security
CPA Global has secured its perimeter with Network Intrusion Prevention Systems (NIPS), Application Firewalls and Network based Firewalls. All CPA Global desktops and servers are periodically updated with latest security & OS patches along with regular antivirus updates.
Remote Working Policies
CPA Global has a well-established policy ‘Acceptable Use Policy’ and ‘Mobile Computing & Teleworking Policy’ to outline the security requirements regarding the use of CPA Global assets while working remotely, in order to protect against the risks of unauthorized access, modification, destruction, or disclosure of confidential data.
CPA Global employees have remote access into CPA Global networks from authorized CPA Global provided and managed laptops using authorized corporate VPN connection. All data in transit remains encrypted using HTTPS/TLS v1.2.
CPA Global employees are imparted periodic Information Security awareness and Data Privacy trainings to increase awareness of Cybersecurity risks along with the actions to prevent & mitigate these risks. In addition, periodic security awareness mails are shared with employees in regard to their responsibilities for keeping information secure and considering the physical working environment while working remotely.
Data Leakage Prevention
Access to USB ports for data transfer is blocked by default in order to protect confidential and sensitive information. User session CPA Global laptops are configured for automatic lockout in the event of user being inactive to prevent any unauthorized usage of active sessions. Access to system utilities is restricted for users and they do not have administrative rights to install unauthorized softwares unless duly authorized.
User Access Management
All CPA Global employees are required to login into CPA Global domain running on globally centralized Microsoft Windows Active Directory Services (AD) using their individual user account and password configured to use Multi Factor Authentication (MFA) on all O365 applications.
As phishing scams grow more and more complex, CPA Global leverages AI-Powered Phishing Prevention & Incident Response solution in order to reduce the risk of phishing attacks.
BitLocker drive encryption is enabled by default for data encryption at rest on all Windows 10 laptops issued by CPA Global.