Data Confidentiality

Is maintained by the adoption of relevant sections of ISO/IEC published standards, NIST special publications, and PCI (Payment Card Industry) standards. Operational controls define proper use and access to information based on “least privilege” and “need to know” principles. Technical controls force identification, authentication, strong passwords, aggressive firewall policies, and make regular use of scanning tools. Plus, cryptographic technologies are implemented where appropriate.