... ...

Technology Infra and Security

Technology which is ‘fit-for-purpose’

  • Technology comparable to Urban delivery centers
  • Certified Structured cabling network design on gigabit standards
  • Active Devices design for Gigabit network delivery
  • Optimized IT support – remote engineers with local ops team
  • Walk to work, No Air-conditioning, Energy efficient desktops

Reliability, Security & Safety

  • Secure VPN connectivity
  • Security – Firewalls, IDS , Spyware Controls, Virus Controls, Spam Controls at Edge Routers

BCP, DR, Backup & Recovery

  • Internet connectivity – redundant links from two separate ISP – Optical fiber and Wireless (Redundancy, Route diversity)
  • Power backup by UPS backed up by Generators
  • Data Backup on defined frequency
  • Back up of key systems and devices – Firewall, Server, desktops
  • Distributed centers facilitate natural BCP/DR
  • Cold and Warm site – rerouting of work to client or B2R network

UPS 100% Power backup

UPS 100% Power backup

Information Security

  • Information Security Policy Statement and Objectives

The information security policy of B2R is to exercise due care on a continuing basis to ensure the confidentiality, integrity, and availability of internal data and client information in line with B2R’s business requirements, taking into consideration contractual, security, legal & regulatory requirements.

B2R commits to establish & maintain an Information Security Management System (ISMS) to achieve this, and work towards continuous improvement of ISMS.

  • Information Security Objectives

A. Information is secured and any unauthorizedaccess is prevented
B. Information is available on a need-to-know basis
C. Information is recoverable and accessible when needed

The Information Security Committee (ISC) within B2R ensures effective communication of this Information Security Policy Statement to all staff and relevant interested parties.

  • Information Security: Overview of Implementation

An Information Security Management System (ISMS) has been implemented, to protect information from unauthorized access, use, disclosure, destruction, modification, disruption, or distribution. The Information Security Committee (ISC) comprising of CEO & Senior Leadership Team (SLT) bear the responsibility for establishing and maintaining the system and to ensure it is maintained through instruction and training of B2R’s personnel. Equally, each employee has a personal responsibility to implement and maintain this system. B2R has the responsibility to protect the physical information assets of the company as well as confidential data and intellectual capital owned by the company and its customers. These critical assets are safeguarded to mitigate any potential impact to B2R and its clients.

To achieve this objective, policies, procedures, and standards, have been created to ensure secure business practices are in place at B2R. Information security is a foundational business practice that is incorporated into planning, development, operations, administration, sales and marketing, as each of these business functions requires specific safeguards to be in place to mitigate the risk associated with normal business activities. B2R’s approach to secure information is :

● Establish & maintain an effective ISMS
● Deploy appropriate technology and infrastructure
● Create and maintain a security conscious culture withinB2R.
● Monitor & review to improve effectiveness ofISMS

The assets that are protected include Facility Premises, Computers (including peripheral equipment & data storage media), Communications equipment, Power, Water, Communications utilities (Internet & Phone), Data/Information, and Employees.

The following dimensions of security are addressed by the ISMS:

Physical security: personnel, premises & perimeter areas, and equipment at facility
Computer system security: CPU, peripherals, OS and data
Telecommunications security: Telecom equipment, personnel, transmission paths and related areas
Operational security: Environment control, power conditioning and other related procedures
Procedural security: IT support, and other related aspects

As part of ISMS B2R defines necessary/key controls for Asset Classification and Control, Personnel
Security, Physical and Environmental Security, Communications and Operations Management, Access Control, Business Continuity Management, Compliance (to law), and Review and Evaluation. Departmental targets/goals have been identified for relevant functions (IT, Admin, HR, Operations) which align to B2R’s Information Security objectives. Achievement against these objectives is periodically
reported by ISC.

Client applications hosted on Customer’s network are excluded from the scope of control. All applications and related security controls on the Customer’s network are managed by the client.

B2R complies with applicable laws and regulations on Information Security and Privacy. Periodic Risk Assessments, and Internal Audits are carried out, along with Management Reviews, to ensure that the ISMS is functioning effectively and continually improving.

  • Information Security Processes implemented across  organization in line with ISO 27001:2013 – specific  “dedicated” centers have additional certification(s)  based on business/customers needs, and scale of  operations.
  • B2R’s Kausani & Letibunga centers delivering  Financial Print & Image Processing services respectively,  in a “dedicated center-model” to a Fortune 500 client  are certified to ISO 27001:2013 by BSI
  • B2R’s Orakhan center delivering Accounting Services  for US customers, is regularly audited to SSAE18 by  E&Y as part of their audit of our customers’ outsourced  operations.

Primary Internet Optic Fiber