SECURITY OVERVIEW
Secure File Handling.
Secure, confident handling of proprietary client data is a first priority at BDI. We are vigilant in supporting the technology and policies required to ensure that our production environments and facilities meet the latest standards.
Introducing SOC 2 and SOC 3! (Goodbye SAS-70!)
BDI is pleased to announce the completion of our first annual SOC 2 and SOC 3 Type II audit review on November 30, 2011. Complete information is available at: SOC COMPLIANCE ACHIEVED.
Access and Perimeter.
Trusted security consultants and stringent security policies are constantly applied in review of procedures for physical, electronic and employee access to confidential data. This ongoing activity is supported by a Security Committee which meets and reviews the activities and policies on a monthly basis.
Building Security
All processing is performed in spaces defined by user "need-to-access" requirements. Building entrances are pass-key activated for entry by BDI employees only with visitors escorted for entry and departure.
Electronic Monitoring
Electronic surveillance is employed and records 24-hour activity in all data-sensitive areas of our facilities. Employee activity is monitored with employee-assigned access cards when entering or leaving secure areas throughout the facility with subsequent reporting and review in place.
Secure Data Delivery System (SDDS)
BDI developed and supports a proprietary file transfer system that utilizes the latest in compatible SSL encryption and compression standards. This system enables clients to safely and rapidly submit or retrieve content for all aspects of development and production. All sessions are recorded and client-specific access is available for multiple end users.
Background Checks
All employees undergo routine background checks as part of their employment, including investigation for credit problems, criminal activities, gambling, drug violations as well as past employment verification.
Security Level Clearances
Different levels of facility access is assigned to employees according to their specific involvement in the handling of sensitive data, i.e. employees are only allowed secured access to those geographic areas, within the facility, in order to perform their required duties.