To maximize the reliability and security of different sub-processes, we follow these accepted best practices and industry standards:
- ISO Standard ISO27002 — codes of practice for information security management covering authentication, encryption, vulnerability testing, monitoring and annual auditing
- Information Systems Security Association (ISSA) standards
- Federal Financial Institutions Examinations Council (FFIEC) guidelines
- Control Objectives for Information and related Technology (COBIT®) guidelines
- Information Systems Audit and Control Association (ISACA) standards
- Internal audits to assess the handling of secure and sensitive data as it relates to Sarbanes-Oxley and Gramm-Leach-Bliley compliance, as well as the Statement on Auditing Standards No. 70
- VeriSign® and Cybertrust® audit and SSL encryption — 128-bit SSL encryption ensures orders placed online are transmitted securely; they are then audited by VeriSign and Cybertrust
Incident Management and Protection
Harland Clarke has contingency plans, practiced and in place, to respond to almost any level of disaster. Our Corporate Business Continuity Plan (CBCP) and Disaster Recovery Plan (DRP) are tested and reviewed annually by executive management and updated as critical changes occur.
Corporate Business Continuity Plan and Disaster Recovery Plan
In the event that an outage or a disaster affects one or more of our facilities, Harland Clarke is prepared. We take a multifaceted approach to protecting essential business functions and restoring operations within acceptable time frames, including:
- Centrally controlled information systems designed to transmit and transfer work anywhere in our system
- Redundancy in hardware, communications, electrical and mechanical systems
- Off-site storage of data and system control software for backup protection
- Imprint facilities prepared to provide additional production capacity when needed
- Spare equipment available for immediate shipment to any production facility
- Effectively trained employees who perform emergency operations, mitigation measures and recovery responsibilities
Throughout all of these processes and procedures are secure data practices for data archives, networks, services and data transmissions.
NEXT | Click here to learn more about Harland Clarke's Security Support Systems.