Security Practices

Organisations face a level of inherent risks as part of doing business, therefore effective and proficient security is a vital part of a business delivering value. Security is required for their own specific operations, corporate sensitivities and their interactions with customers and partners. With a background covering due diligence, fraud prevention, criminal investigations, new property assessment and protection, security systems engineering, information security and disaster recovery planning, BrightSolver is adept in identifying and understanding the relationships between risks and security solutions. At BrightSolver, security and confidentiality of clients data is the highest priority. Therefore, we have developed high quality and extremely robust Security Solutions at each level. Security of all our premises is ensured by putting electronic and physical measures in place. As security is crucial to our efficiency and performance, we cover every base, from the location of the office premises down to the IT systems deployed.

Corporate Security Function Objective

Identify and effectively mitigate, at an early stage, any developments that may threaten the resilience and operations of the Business Services provided to the clients to ensure security, continuity and safety. The corporate security function oversees and manages the close coordination of all functions within the company that are concerned with security, continuity and safety.

Security Doctrine

Embracing the concept of commitment based security; BrightSolver strives to deliver security as an integral part of the daily working practice across the company. This way we ensure that security is the responsibility of all and is not just delivered discretely by a central security department. Each office is responsible for the implementation of an appropriate security programme that is practical, cost-effective, in compliance with relevant laws and regulations and proportional to the risk presented. While it is incumbent on each office individually to define and adopt those security measures best suited to address the threats it faces; these measures are aligned to the corporate security programme.

Risk Management Methodology (Physical and Operational Security)

BrightSolver has always adopted the philosophy of deploying risk-based security mitigation measures. A Comprehensive Risk Assessment programme includes audits at various stages of the project as mentioned bellow: Site Security Evaluation to identify the facilities for operations, Physical Security Risk Assessment prior to commencement of services to determine adequate risk mitigation and protection measures are deployed, Regular Periodic Risk Assessments to ensure compliance to the Security Programme. These measures are taken to ensure that all stake holders are aware of the risks to the BrightCAP™ Processing Centres and BrightSolver business and corrective/protective measures are accordingly incorporated.

Business Service Application Security Practices

The Global Security Operations Centre (GSOC) at BrightSolver is at the centre of the technology initiative and assures the team and the stakeholders that security and contractual compliances are critical to our service delivery. This helps BrightSolver adopt a proactive approach to address potential business-disruptive issues and events. Incidentally, BrightSolver is among the few companies to operate a global command centre. The alarm monitoring and reporting capabilities of the GSOC provide a high level of assurance on business resilience and compliance to the management, partners and business stakeholders. Some of the Key Features of GSOC: Access authorisation and control, Remote monitoring of alarms, Remote surveillance of critical incidents, Management of intelligence reports and alerts, Incident management and trend analysis, Secure transportation through vehicle tracking, Enterprise wide coordination on security matters and Key tool for security compliance and governance.

Global Security Operations Centre

Identify and effectively mitigate, at an early stage, any developments that may threaten the resilience and operations of the Business Services provided to the clients to ensure security, continuity and safety. The corporate security function oversees and manages the close coordination of all functions within the company that are concerned with security, continuity and safety.

Fraud Prevention Programme

BrightSolver has adopted the three-point process of Prevention, Deterrence and Detection with the following key aspects: Background screening of all employees, Follow a “Code of Business Conduct”, Segregation of duties and multiple audit checks including supervisory control, Contract management with third party contractors and partners, Physical security management (prevent touting, crowd control and access control to the back office areas), Onsite surveillance of the facility through CCTV by security or unit management personnel, Information security through tested policy implementation with centralised control, Effective incident management programme on both information and physical security breaches, Mystery shopping and integrity checks to ensure integrity of the processes and BPC facilities and a complete corporate and information security set-up across the globe.