At MSC, we prioritize our customers’ system security through rigorous security policies, which include strict access controls, encryption standards, and regular patch management. We also conduct routine security audits and have a proactive incident response plan in place. Our commitment to security is underscored by our ISO 27001 certification.
Our AWS Security Policies and Procedures:
– Access Control:
– Multi-factor authentication (MFA) for critical access.
– Role-based access control (RBAC) to ensure least privilege.
– Regular audit of IAM roles and permissions.
– Data Protection:
– Data encryption at rest and in transit using industry-standard protocols.
– Regularly updated data retention and deletion policies.
– Use of AWS Key Management Service (KMS) for key management.
– Monitoring & Logging:
– Continuous monitoring with Amazon CloudWatch and AWS CloudTrail.
– Real-time alerts for suspicious activities.
– Periodic reviews of logs for security anomalies.
– Incident Response:
– Immediate response protocols for potential security breaches.
– Regular drills and simulations to ensure readiness.
– Post-incident reviews for lessons learned and process improvements.
– Network Security:
– Use of AWS WAF and AWS Shield for DDoS mitigation and web application protection.
– VPC security groups and NACLs for micro-segmentation.
– Periodic vulnerability assessments and penetration testing.
– Compliance & Audit:
– Routine internal and third-party security audits.
– Compliance with global standards like ISO 27001, PCI DSS, etc.
– Documentation of security practices and controls for transparency.
– Employee Training & Awareness:
– Regular security training sessions and updates.
– Cybersecurity awareness programs and drills.
– Secure development practices for application teams.
– Infrastructure Protection:
– Patch management procedures for all systems.
– Use of Amazon Inspector for security assessments.
– Regular backup and disaster recovery drills using AWS services like Amazon S3 and AWS Backup.
As evidence, please refer to the Docuemnt ISO270001, MSC Security Policies and Procedures
Proven customer success