MYCPE ONE attained SOC Type II certification, a voluntary Compliance Requirement for service organizations developed by the American Institute of CPAs (AICPA). It specifies how organizations should manage customer data based on Trust Services Criteria: Security, Availability, Processing, Integrity, Confidentiality, and Privacy.
It's based on the following Trust Services Criteria: security, availability, processing integrity, confidentiality, and privacy. SOC II certification is a recognized standard in the industry. Implementing it means we comply with various regulatory frameworks and standards such as GDPR, HIPAA, and PCI-DSS.
ISO 27001:2022 is the international standard for information security management systems. The certification confirms that MYCPE ONE has implemented comprehensive security controls to protect clients' data from unauthorized access, theft, and loss.
The ISO 27001 certification process involves a rigorous external audit by a third-party certification body, which ensures that our security controls meet or exceed industry best practices. ISO (International Organization for Standardization) is a global standard-setting body that develops and publishes international standards for various industries and sectors.
We are compliant with the General Data Protection Regulation (GDPR), a comprehensive privacy law regulating how businesses handle the personal data of EU residents. The GDPR requires businesses to implement appropriate technical and organizational measures to protect personal data and respect data subjects' privacy rights.
To comply with the GDPR, MYCPE ONE has implemented several measures, including data protection policies and procedures, employee training on data protection, regular security audits, and data breach response plans. MYCPE ONE has also appointed a Data Protection Officer (DPO), who oversees the company's compliance with GDPR requirements.
Several measures have been put in place to ensure security in the workplace. Firstly, mobile phones are not allowed in the work area. Secondly, the work area is paperless, and USBs, pens, and printers are disabled. Internet access is monitored, and personal emails or social media are prohibited.
The system has firewall protection and multi-factor authentication facilitated, and key cards control access to the work area. In addition, 24x7 CCTV surveillance is in place. The company is GDPR compliant and ISO 27001 certified, with cyber security insurance and E&O insurance. For those working from home, employee monitoring software is also in place. All these measures have been taken to ensure the security and confidentiality of the work.
Each Staff Background & Referral Check
10% Additional Workstation & 15% Infrastructure Capacity at Anytime.
8% to 10% Staff Available on bench.
Antivirus and Malware Protected.
Computer with battery back-up (Upto 2 hours) in case of Power Outage.
Fuel Generator with back-up (Upto 2 hours) in case of Power Outage.
Cyber and Data Theft Insurance Coverage.
Insurance Cover (flood, hurricane, earthquake).
3 Dedicated Internet Lines (1 Operational and 2 Backups).
Network Security and Firewall Protection.
BCP Response Team.
Incidence/Disaster Testing Monthly/Quarterly.
Diversified Hiring across 20+ Cities across India/Philippines.
At MYCPE ONE, we prioritize the security of our client data through comprehensive and ongoing cybersecurity training. From the moment new employees join our team, they are equipped with the essential skills needed to protect sensitive information effectively.
Onboarding Training:
Teaches the principles of protecting client information, including encryption and secure data storage practices.
Instructs on creating strong passwords, using password managers on the secured portal, and the importance of regular password changes.
Educates on identifying and responding to phishing attempts and other common cyber threats.
Outlines best practices for browsing the internet securely, especially when accessing client data.
Ongoing Training:
Continuous training on the latest phishing techniques and defenses against them.
Updates on securing software applications that are critical to handling client data safely.
Training on the strict policies against copying or transferring client data without authorization, emphasizing the importance of maintaining data confidentiality.
Training on how to respond effectively to a data breach or security incident to minimize damage and recover data integrity.
MYCPE ONE upholds the '3 Pillars of Data Security' - People, Processes, and Practices. We ensure a trusted environment by empowering team members to safeguard client success. Stringent security protocols fortify every layer of our infrastructure, ensuring constant protection. Vigilance in round-the-clock monitoring upholds elevated safety standards.
At MYCPE ONE, we believe in a foundation of trust and expertise. Every step we take is geared towards nurturing a secure, savvy workplace where every team member is empowered to protect and propel our clients' success.
Assign three IT specialists per 100 employees for vigilant network support and quick problem-solving, ensuring stable and secure systems.
Conduct detailed background checks to confirm new hires’ credibility and maintain organizational trust.
Regularly update staff on cybersecurity awareness, arming them against emerging digital threats.
Restrict data access strictly to necessary personnel, minimizing the risk of data breaches.
Deploy advanced systems to detect and counteract cyber threats in real time, safeguarding network integrity.
Bind employees to secrecy through legal agreements, securing sensitive business information.
Implement screen activity tracking to bolster both productivity and cybersecurity compliance.
We maintain a steadfast commitment to the highest standards of data security. Our comprehensive security measures are designed to protect against both internal and external threats, ensuring that our client's data remains safeguarded at all times. From the ground up, every layer of our infrastructure is fortified with advanced security protocols.
We use firewalls to keep our network safe from unwanted intrusions.
Blocking USB ports helps us prevent data theft and stops viruses in their tracks.
Constant camera monitoring acts as our eyes, deterring and documenting any unusual activity.
We control access to our most sensitive areas with key cards, ensuring only authorized staff get in.
Personal phones and tablets are a no-go to keep our networks secure.
In our work zones, we ditch paper to keep the information strictly digital and secure.
We restrict internet use to work-only websites to keep our systems safe.
We keep our data scrambled and unreadable to anyone who shouldn’t see it
We add an extra step to verify identities for safer system access.
Keeping our systems safe is at the heart of everything we do. We watch over our networks day and night and make sure everyone we work with meets our high safety standards.
We perform systematic security evaluations to identify and address vulnerabilities, strengthening our defenses against cyber threats.
Our comprehensive backup procedures ensure data integrity and swift recovery, protecting against data loss from various disruptions.
We continuously monitor network traffic to quickly identify and respond to any suspicious activities.
Our paperless workflows not only increase efficiency and security but also promote environmental sustainability by reducing our reliance on physical documents.
A well-defined incident response plan allows us to handle security breaches effectively, minimizing damage and operational downtime.
We rigorously assess third-party vendors to ensure they meet our strict security standards, maintaining the safety of our data ecosystem.
We strictly adhere to data protection laws and regulations to prevent legal and financial repercussions and protect sensitive information.
By not storing client data, we eliminate the risk of breaches, reduce potential liabilities, and enhance client trust. So we can say that there is No Downside Risk.
In the digital age and in our line of business, protecting sensitive information is more than a necessity—it’s a cornerstone of trust. Each day, we handle vast amounts of data for our clients, and the potential risks of cyber threats loom large. That’s why we’ve committed ourselves to a rigorous cybersecurity protocol that permeates every level of our operations.
Our commitment is not just limited to technology; it includes state-of-the-art technology such as encrypted communications, secure access protocols, and continuous monitoring systems designed to detect and mitigate threats swiftly. We believe that a well-informed team is our best defense against cyber threats. Regular training sessions keep our employees up-to-date on the latest security practices and phishing threats, ensuring that vigilance is maintained through every click and every email.
This continuous education fosters an environment where security is everyone’s responsibility, and caution becomes a habitual safeguard. By integrating cybersecurity into our culture, we ensure it’s not just about protection—it’s a promise of trust and reliability to our clients.
United States
Canada
