The Centigrade Group is committed to handling all forms of information including clients’ data using the most secure information security approaches. These approaches include national business standards and using the latest technology to ensure data confidentiality, integrity and availability.
Our access control policy and information security measures contain different layers, which combined, offers comprehensive data protection for external and internal users. A select number of Centigrade employees have high level clearance to connect remotely to local networks and reach files on the server using a VPN connection.
File access control is granted by a set of NTFS permissions on the file server depending on their role and level of access. File audits are enabled in the file server logging every action over all files. E-Mail security is controlled by SOPHOS E-Mail protection using two layers; a cloud-based initial filter and a second filter installed on the E-Mail server.
SOPHOS also controls Endpoint protection for all computers and servers. This provides the most complete and secure solution against information security threats, which include, (but are not limited to) malware and ransomware. Security devices have controls in place preventing external users from accessing Centigrade data by completing authentication processes.
Each Centigrade employee has file permissions relevant to their role. This ensures only validated users can reach confidential and classified information when needed.
Centigrade conduct half yearly information security assessments to ascertain potential breaches and security policy malfunction of our IT infrastructure. Action is taken based on the outcome of the assessment(s).
Michael Anthony
Managing Director January 2022
This Policy will be reviewed regularly and updated as required.