Home > Service Delivery
|
|
| People Management |
| "Recruit, Reward & Retain the best" |
The Human Resource Department at JIVA is an integral part of our organization, managing the knowledge worker in a proactive and innovative way. We aim to build a sense of belonging through our humane and purposeful activities, thereby ensuring that our people possess a competitive advantage.
Employee-friendly policies, quality of leadership, challenging work, career advancement, employee motivation and an innovative mentor system help us align our HR strategy to attaining business imperatives.
|
|
| Key aspects of our People Management Process: |
|
 |
Healthy Recruitment ratios |
|
Incentive and loyalty driven compensation |
|
Industry standard benefits like free transportation, cafeteria, Provident Fund etc. |
|
Internal referrals recruitment policy |
|
Employee satisfaction over 70% for last 2 years |
|
Focus on career planning and internal promotions |
|
Strong focus on retention of best performers |
|
Regular performance reviews |
|
| Service Level Management |
Service Level Management is one of the biggest strengths of the Operations Team at JIVA. We are rated as #1 by our clients for meeting and exceeding Service Level expectations.
|
| Key aspects of our Service Level Management Process are: |
|
Detailed Statement of Work (SOW) to capture Service Level Agreements (SLAs) at the time of new project on boarding |
|
|
Project performance metrics reported daily to the Client, JIVA Management and Operations Team |
|
Formal Weekly Performance review with the client and within the operations team |
|
Formal Monthly Operational review with the client and within the operations team |
|
Quarterly Business review with the client and JIVA management |
|
24x7 Command Center to monitor and escalate Service Level exceptions |
|
Operations Managers, Team Leaders and CSR incentives based on achievement of client SLAs |
|
Customer care was once seen as a cost center—expensive but inevitable overhead. JIVA is changing this with customer care offerings that actually deliver tangible benefits in the form of stronger relationships, increased sales and extension of the lifetime value of your customers.
|
| How do we ensure our Client’s success? |
| Service Level Management can be defined as a systematic review of service provider performance against predefined SLAs. |
 |
We implement End-to-End Service Level Management by understanding our customer needs thoroughly and incorporating them into our business goals. These goals in turn drive our Operational Goals and Service Level Metrics for Key Processes and Sub Processes.
The Project Manager and the Operations Manager work closely with the Client Team to define, understand and track key program metrics.
Service Level Metrics are reported and reviewed periodically against achievement of stated operational goals. These SLAs are then redefined based on Program Performance. This is done in Weekly Dashboards, Monthly and Quarterly Review meetings with the Client.
Key team members are incentivized based on these metrics for true alignment of operational goals across the organization. |
 |
By implementing end-to-end service level management, we ensure that our Clients experience the JIVA advantage - a sure shot recipe for long-term success.
|
| Transition Management |
Transition Management at JIVA is a step-by-step process with a strong focus on ensuring that we On-Board all Projects On-Scope, On-Time and On-Budget.
We have a dedicated Project Manager for each Project who works closely with the Client Team to facilitate smooth on boarding of the Project.
|
| Key Aspects of our On-Boarding Process Details are listed below: |
|
Focus on ensuring that we On-Board project On-Scope, On-Time and On-Budget |
|
Detailed Statement of Work (SOW) process |
|
Dedicated project manager |
|
Collaborative on-boarding process to capture key client expectations and translate to measurable SLA metrics |
|
 |
Methodology based Project Management approach:
|
| Signoff on Statement of Work |
A detailed Statement of Work (SOW), to capture key client expectations and translate them into measurable SLA metrics, periodic reviews to compare performances on the Program are just some of the few processes we have in place to ensure success on the Program.
|
| Requirements Gathering |
Detailed Functional and Technical requirements for the project are identified and documented by the Project Manager.
|
| Planning and Design |
This Design phase involves detailed design of the Technology and Operational parameters based on Client requirements. Key aspects that are planned and designed include: Reporting requirements, Technology, Application details, CSR Recruitment and Training, Networking, Security aspects etc.
|
| Implementation |
The implementation phase involves activities that integrate JIVA’s Infrastructure with the Client Infrastructure, integrate JIVA and Client Applications.
|
| Testing and Roll Out |
Rollout phase includes the testing of the entire Operations and Technology set up. This activity is monitored closely by the Client and JIVA team to ensure smooth roll out of the Project.
|
| Quality Management |
| Our Quality Mission
|
|
“We, at JIVA, are committed to delight our clients by exceeding their expectations consistently.” |
| Our experience has taught us that one of the most effective ways to improve Quality is to measure and align all the Quality Management systems with End-Customer-Satisfaction. We implement this learning and philosophy in every aspect of our Operations Management at JIVA. Various processes and tools (including Quality Monitoring System, Agent Evaluations, Surveys etc) enable us to monitor and improve the quality of our operations, to delight your customers. |
 |
| JIVA’s Quality Process |
We have consistently maintained/exceeded industry standards for customer satisfaction across all our Operations.
|
| We meet and beat all our quality objectives by: |
|
Benchmarking and setting new standards for Quality metrics compared to current standards |
|
Aligning all internal and external Quality Processes |
|
In doing so, we continuously improve overall performance and continuously add value to our Client’s business by improving end customer experience.
|
| Key components of our Quality Methodology |
1. JIVA Quality Team
2.
Standard Quality Processes at JIVA:
|
|
CSR Monitoring and Feedback Process |
|
Calibration Process |
|
Proprietary Quality of Sale Process for Outbound Programs |
|
Call Recording and Monitoring System |
|
| JIVA Quality Team |
JIVA Quality Team includes a good balance of personnel who have graduated from the Operations floor to the Quality Team. All of them have a thorough understanding of program metrics and are well trained to monitor and provide feedback to Customer Support Representatives.
Quality Assurance is an independent group in JIVA that reports directly to the Director.
The Team is headed by the Quality Manager and consists of dedicated Quality Analysts and Quality Executives for each program.
|
| JIVA Quality Processes |
We provide a wide range of services to our clients and help them in turn provide high quality operations to their customers. Given our multi-channel approach, quality metrics for each channel (such as email, chat, inbound voice based customer support and outbound tele-calling) are defined independently.
|
| Our Standard Quality Process comprises of: |
|
Measuring end Customer Satisfaction |
|
Measuring Quality through Quality score-cards/feedback forms |
|
Providing feedback to our agents - through a combination of written, real-time and oral feedback sessions |
|
Calibrating our Quality scores with our clients and end-user Customer Satisfaction data |
|
Statistical Analysis of Quality scores and trends that result in determining quality improvement plans withquantified goals |
|
 |
| JIVA Standard Quality Process
|
| 1. CSR Monitoring and Feedback Process: |
We have elaborated call monitoring, calibration sessions; process monitoring and feedback systems in place to ensure that JIVA Quality Standards are predictable and consistent.
The Quality Analyst assesses a customer support representative's performance according to specific predetermined evaluation criteria and defined guidelines. The QA’s main goal is to provide objective feedback, which is based on the customer support representative's performance on calls/emails.
|
| CSR Quality Monitoring Process: |
|
QA monitors the CSRs as per a predetermined schedule |
|
QA monitors at least two calls per day and |
|
Every CSR receives feedback at least once a week |
|
| Different types of Monitoring: |
|
Side Jacking |
|
Remote Monitoring |
|
Monitoring Recorded calls and Screen shots |
|
Remote Client Monitoring |
|
In the initial stages of a project, the call coach will side jack with a CSR and monitor a call live. The call coach will evaluate and provide the CSR with feedback using the Observation Feedback Form.
This reduces the learning curve of the CSR and ensures higher quality. Call monitoring is done at least 5 times every day for each new CSR. Once a CSR gains expertise and the project stabilizes (typically 6-8 weeks), the frequency is reduced to 1% of the calls handled. In addition we have a refresher program, which is conducted by the QA and the Project Trainer to address areas of improvement for the CSR.
|
| 2. Calibration: |
JIVA has a Calibration Process in place to align the various Quality measurement mechanisms including end customer satisfaction, JIVA internal Quality Monitoring Processes and Client Quality Monitoring Processes.
On a weekly basis, the JIVA team evaluates a few sample calls with the Client Quality team to identify the potential differences in the evaluation process. The same exercise is carried out internally by the JIVA Quality and JIVA Operations teams. Ultimately, all Quality measurement mechanisms are aligned with the end Customer Satisfaction score.
Internal and external Quality scores are reported on a daily basis. The weekly, monthly and quarterly reviews have a dedicated section to discuss the Quality target, performance and action plan for improvement.
|
| 3. Proprietary Quality of Sale Process for Outbound Programs: |
JIVA has successfully initiated a proprietary Quality of Sale Process for all Outbound Programs to ensure that only sales that fulfill all the pre-determined evaluation criteria are sent across to the Client.
A team of Quality Executives reviews and does a quality check on all the qualified sales before they are sent to the Client.
|
| 4. Call Recording and Monitoring System: |
We use industry standard tools as our Recording and Quality Management System.
|
|
100% Voice and Screen capture of CSRs |
|
Customizable Quality Score Cards |
|
CSR evaluation mechanisms |
|
Rule based call selection mechanisms (such as schedules, agent tenure, keywords, skill sets and performance) |
|
Work flow to flag and escalate exceptions |
|
Global access to the monitoring tools |
|
Integration with multiple systems and |
|
Analytics reporting |
|
| Training: |
| ‘JIVA is consistently rated as the best by our Clients for Accent Neutralization Training’ |
We recognize that our employees are our greatest assets. They contribute in a big way to our continued success in meeting and beating stringent client expectations. We believe in investing in our workforce through continuous training and development. This enables them to develop to their highest potential and achieve their personal and professional goals.
|
| Key aspects of our Training Process are: |
JIVA has a dedicated team of experienced trainers to impart Soft Skills and Project specific training. Our Trainers adopt various techniques to impart our Customer Service Representatives with the best training possible. We use Computer Based Training, PowerPoint Presentations in the form of self-learning and classroom modules, role-plays, mock calls, listening exercises, handouts, audio and video clippings to train our agents.
|
Training is generally a healthy mix of classroom sessions and practical exercises and is imparted in the following phases:
Induction Training Process
This typically covers topics such as
|
|
Service Skills |
|
Accent Training |
|
Technical Knowledge and |
|
Simulation of real life scenarios |
|
| Project Training Process |
|
Conducted by dedicated ‘Process Trainers’ for Technical and Non Technical Programs |
|
Relevant agent certification processes on completion of training as required by the Client |
|
| On-the-Job Training |
|
OJT is an integral part of the training process |
|
Facilitates smooth transitioning of an agent from the Training Room to the Operations Floor |
|
Includes new hire side jacking by Project Trainers, Team Leaders and Quality Coaches |
|
| Refresher Training Process |
|
Based on quality feedback |
|
Conducted by a team of dedicated ‘Refresher Trainers’ |
|
Helps improve individual agent and overall program performance |
|
Includes skills up gradation |
 |
|
| Compliance: |
JIVA provides Business Process Outsourcing (BPO) solutions to Global Financial Services companies in areas such as Mortgage Processing, Customer Service and Customer Acquisition.
Compliance is challenging in today’s environment of enhanced focus on Customer Privacy and fast changing regulations. The Audit and Compliance Department at JIVA was established with a view towards assuring complete commitment to Customer Privacy.
The JIVA Audit and Compliance Team keep abreast of the latest legislations and ensures strict adherence to the same. This is done by:
|
|
|
Evaluation of compliance through independent and continuous audits |
|
Structured process implementation of policies |
|
Timely escalation and investigation of incidents |
|
Effective training |
|
The group furnishes the organization with the latest laws that impact our Client operations. The audit process in JIVA systematically examines the operation of procedures in accordance with the ISO 9001-2000 standards and guidelines, to ensure compliance.
|
|
| The following section explains in detail: |
|
Compliance Laws adhered by JIVA |
|
Key to successful compliance |
|
| Compliance Laws: |
The Financial Services industry operates in a heavily regulated environment. Off Shoring of operations to locations such as India is a major trend among leading Financial Services organizations – to increase quality and reduce cost.
However, remote outsourced operations pose new and additional management challenges for these organizations especially in areas such as compliance. There is need for a knowledgeable and reliable offshore BPO partner who will provide reliable end-to-end support and services. JIVA has laid greater emphasis on regulatory compliance. The paragraphs that follow explain the details of our strict regulatory compliance policies.
|
|
| The Federal Equal Credit Opportunity Act: |
This law prohibits discrimination against credit applicants on the basis of color, religion, nationality, sex, marital status, and age.
JIVA has clearly defined Fair Lending policies. We also review calling scripts and customer handling to comply with the requirements of this law.
|
|
| Fair Debt Collection Practice Act: |
This law provides that a debt collector may not use any false, deceptive, or misleading representation, harassment or illegal means while collecting debt.
JIVA has a robust call monitoring process and 100% contact recording process to verify compliance. The calling scripts are reviewed with the client to ensure no misleading information is passed on to the end customer. Any deviation by our customer support representatives, from the policies laid down by us, results in immediate action, including termination if required.
|
|
| Data Protection Laws: |
JIVA has a strong Information Security policy implementation in place. Our policy includes Asset Classification, Access Control, Communications Management and Operations Management.
We have satisfied the policy and audit standards of some of the most demanding clients in this area.
|
|
| Telephone Consumer Protection Act TCPA 1991: |
The purpose of this law is to strike a balance between protecting the rights of consumers and allowing businesses to use telemarketing effectively. The TCPA law requires telemarketers to formalize their existing policies and, where ever necessary, create new ones to bring their operations in compliance with the main restrictions.
JIVA has documented and implemented processes to conform to the requirements of Proper Identification, Calling Hour Restrictions, Do Not Call Policies, Auto Dialer and Automatic Dialing Recorded Message Players (ADRMPs) regulations and Facsimile Regulations.
|
|
| The Telemarketing Sales Rule & Telemarketing and Consumer Fraud and Prevention Act (TCFPA) 1995: |
This Rule requires telemarketers to make certain disclosures and prohibits misrepresentations. At JIVA, continuous monitoring and verification ensures that the required information is provided to the Consumers, proper authorization for payments have been taken and the use of threats, intimidation, profane or obscene language to pressurize a consumer into accepting a sales offer is prohibited.
|
|
| Federal & California Auto Dialer Law: |
Laws governing automatic dialing and announcing devices require the acceptable error rate for connections made by automatic dialing devices, for which no agent or telemarketer is available for the person called, to be 3% (1% for the state of California). JIVA maintains the error rate well below the acceptable limits.
|
|
| Other Laws: |
There are many other Compliance laws applicable to specific Client operations. Often, there are client specific internal compliance policies we need to adhere to. JIVA has structured processes and mechanisms to incorporate and comply with new policies, as required.
|
|
|
| Comprehensive Policies for all Relevant Laws |
JIVA has defined, updated, maintained and implemented policies in line with the latest laws to safeguard Customer Privacy and to ensure Fair Lending practices. We have proactively acquired Licenses and Registrations in compliance with State Laws and Applicable regulations.
|
|
| Company Wide Training |
Training includes familiarizing all key Managers and Operations team members with the latest Compliance Policies. The purpose is to train employees to provide them with a clear understanding of the Company’s Compliance Policies and various laws. Training is an ongoing process to ensure that our team is updated with the latest laws.
|
|
| Continuous and Independent Audits |
JIVA’s Audit and Compliance team conducts audits on a continuous basis as per a confidential pre determined annual plan. Policy compliance is a part of the objectives of all key managers.
Audit findings are reviewed and preventive actions are defined to assure that discrepancies observed do not re-occur. The audit reports are available to regulators and our clients, as required.
|
|
| Process Oriented Implementation |
We believe that desired results are achieved more efficiently when activities and related resources are managed as a process.
Clear responsibility and accountability is established for managing key activities. Risks and the impact of our actions on customers, suppliers and other interested parties are evaluated. Formal channels of communication facilitate control and easy implementation of new laws as processes.
|
|
| Streamlined Incident Handling Process |
Detailed and immediate escalation procedures have been laid out for compliance deviations. Such escalations also include communication to the Client team.
Elaborate mechanisms have been developed for monitoring, investigating and evaluating compliance incidents to assure permanent resolution. Updated auditable records of compliance can be produced for defense against complaints and lawsuits. Customer complaints are reviewed on a periodic basis.
In summary, JIVA takes complete responsibility on behalf of our Clients for Compliance to Laws, ensuring Customer Privacy and Fair Lending practices.
|
|
| Technology & Technology Management: |
| We have consistently maintained Production Availability of over 99.9+% in the last 24 months. |
Being able to work with an organization that has world-class Technology Infrastructure is just one of the reasons why our clients trust us to partner with them. The JIVA Technology Group provides World Class Information Systems and Information Technology (IS / IT) solutions to our Client operations with the following objectives:
|
|
|
Increase Productivity |
|
Ensure High Availability |
|
Ensure Information Security |
|
Provide Scalability |
|
Ensure Affordability |
|
As a leading global contact center provider, JIVA brings vast resources and experience to your business and customers. Partnering to create a unique vision and strategy that supports your organization's business plan, coupled with the enabling tools to fulfill this strategy, is key to establishing superior customer service and positive long-term results. In this regards, JIVA has partnered with the Reliance Communications Group. Reliance Communications, is India's largest private sector information and communications company, with over 38 million subscribers. It has established a pan-India, high-capacity, integrated (wireless and wire line), convergent (voice, data and video) digital network, to offer services spanning the entire infocomm value chain.
JIVA has deployed and partnered with industry's leading technology providers. We also take it one step further — we integrate the tools and drive positive results for our clients by synchronizing the people, processes and technology. We know what works and what doesn't.
|
|
| Some of the common contact center technology components we deploy include: |
 |
|
- Next generation dialer offered as a hosted solution
- ACD with complete call control
|
|
 |
|
- Web chat, e-mail interactions
- Case management
- Ticketing systems with auto-emailing options
|
|
 |
|
- Off-the-shelf solutions
- JIVA’s systems are branded 100% recording solutions for compliance
|
|
 |
|
- CRM off-the-shelf or custom solutions
- Targeted web scripting applications
- Integrated CRM for better call tracking
|
|
 |
|
- IVR solutions including post-call survey
- "Follow the call"—IVR to desktop
- Multi-service provider–enterprise routing
|
|
 |
|
- Voice and data solutions and support
|
|
 |
|
- JIVA Web Knowledge services
- Integration of multiple solutions
|
|
 |
|
- Implementation and support
- Consulting solutions and services
|
|
|
JIVA Technology Architecture
|
| Our Wide Area Networking |
Our Wide Area Network is a Voice-Data Frame Relay Network on Nortel Passport 7480. We use AT&T, MCI and VSNL for International and Domestic Voice-Data Services. We use Tata Teleservices, Bharati and BSNL for Local Loop services. Our circuits include both Trans-Atlantic and Trans-Pacific routes, with End-to-End fiber for redundancy.
Our networks are in a self-healing redundant ring configuration, at the Physical, Network and Application layers on the WAN. We have implemented G729.A, ensuring Toll-Quality voice, while utilizing International Leased Circuits efficiently. Voice Services are prioritized in a PORS optimization to ensure Quality of Service implementation.
|
|
| Our Local Area Networking and Directory Services |
JIVA’s centers use a 10/100 LAN on Nortel Baystack L2 switches, with each domain segregated using port based VLANs and Cisco Catalyst L3 switches.
We have implemented Active Directory Services using Windows 2000, along with Single-Sign-On and Group Policy management. All desktop profiles are strictly controlled and centrally managed. We use VOIP on the agent side, implemented on our L3 network.
|
|
| Infrastructure Monitoring |
Our infrastructure is monitored 24x7 from a remote Network Operations Center. Monitoring includes tracking system/SNMP alerts, security alerts and log monitoring. The on-site 24x7 infrastructure monitoring team has well defined process to escalate alerts to the relevant people in Technology, Operations and Client teams.
Proactive monitoring is a key to our High Availability and Scalable Infrastructure Management Process.
|
|
| Other Technologies |
Some of our other capabilities include Document Management, Knowledge Management, Loan Origination Management and Remote Desktop Support.
|
|
|
| Our People |
The JIVA Technology Team includes a good balance of Architects, Operational Managers and System Administrators. Shifts-in-charge manage Monitoring, Help Desk and Incident Management 24x7 on site. This team is lead by a CCIE. CCIE is the highest level of professional certification provided by Cisco. As of August 2007, there are only about 15,000 CCIE around the globe.
Most managers have at least 7 years of relevant experience in their domains. System Administration responsibilities are very clearly defined for the L2 and L3 engineers, to ensure accountability.
All the team members are managed through a good mix of Technology and Business objectives. |
|
Processes |
JIVA Technology team lays significant emphasis on systematic management of infrastructure for higher performance. Various processes have been implemented successfully. Some of the critical ones include:
|
|
|
Help Desk Management |
|
Incident Handling and Escalation |
|
Change Management |
|
Preventive Maintenance |
|
Performance and System Monitoring |
|
Patch and Update Management |
|
Anti-Virus Management, etc. |
|
Our firm belief is that strong process management is the most critical aspect of IS / IT Management.
|
| Design |
JIVA’s Technology design allows us to provide Secure, Scalable and Flexible solutions to our clients. We have implemented redundancy at multiple-layers. Our WAN and Telecom links are sufficiently redundant and in a self-healing configuration. All routers are implemented with HSRP. All equipment is Enterprise Class with inbuilt redundancy for core modules, interfaces and power supplies. All traffic is prioritized to handle reduced capacity during failure.
We maintain an availability of 99.9% consistently.
|
|
| Project Management |
JIVA Technology group has a detailed and a systematic Project Management process. While on-boarding new clients and/or rolling our new technology solutions we manage the entire life cycle, including Requirements Analysis, Design, Implementation and Testing, efficiently. Majority of our implementations have been completed On-Time, On-Budget and On-Scope.
|
|
| Risk Management and Audit |
We have an independent and continuous Risk Management process. The Risk Management group ensures Information Security, Business Continuity and Compliance for all our Programs. We conduct monthly internal audits and yearly external audits to identify gaps and close them.
|
|
| Security & Risk Management: |
Ensuring Confidentiality of client information is a cause for concern for most organizations looking to offshore services.
JIVA’s guiding philosophy is to ensure that customer data and interaction is Integral, Confidential and Available only to the rightful users at the right time. We achieve this through sustained Operational Processes and secure Technical Architecture.
|
|
|
| We at JIVA will strive to: |
|
Maintain Confidentiality of Information |
|
Maintain Integrity of Information |
|
Assure Availability of Information as per our Access Policy |
|
Abide by Regulatory and Legislative Requirements |
|
Create Awareness about Information Security Among all Employees |
|
| Our Proactive Approach |
The Information Security Officer reports to the President and is independent of the IT Operations team. Key initiatives by our Security Team include: |
|
Monthly audits to prevent any breach of Security and to identify and close out all gaps found in security operations |
|
Security Sign off for every change initiated in the system and network for long term security measures |
|
Planned responses to security incidents of various severity levels through 24x7 NOC Managed Security Services |
|
Strong controls deployed across the organization to allow user access only to required information and restriction to all other information by implementing auto screen locking, strong password policies etc. |
|
|
| This section details JIVA’s Security Model based on the following aspects: |
1. JIVA Security Framework |
| 2. Key Aspects of JIVA Security |
| 3. New Client Security Measures |
JIVA Security Framework |
JIVA’s Security Framework Encompasses the Information Security Management System standard (see diagram). Key Highlights of the same are as follows: |
|
|
Written policies, resulting in well-documented security protection policies applied to networks, hardware,servers, applications and users |
|
Clarity on what needs to be protected and to what extent (degree of assurance is defined) |
|
Adequate and structured approach to risk assessment |
|
Clarity on threats and organizational vulnerabilities |
|
Develop and Review the Security Policy Plan |
|
Implementation & Audit the same on an ongoing basis |
|
 |
| JIVA Security Fact Sheet |
|
Each client’s physical, network and application infrastructure is segregated and dedicated |
|
Dedicated subnets, CRM, Ticketing systems and process specific applications and servers are on separate client Virtual LANs (VLANs) for complete segregation of entire data communication |
|
Client data and users (such as knowledge bases and internal documents) are segregated through Windows Domain Organizational Units (OU) and Group Policy based LAN authentication |
|
Entire perimeter is secured through industry standard Firewalls and access lists on Routers |
|
Log alert and analysis carried out on all critical systems equipments |
|
All core and edge routers are configured for security checks and filters used to protect and allow only pre defined services |
|
|
Individual Physical Access is controlled through access card controls |
|
We had zero Virus infection incidents till date as a result of multiple vendor three-tier Antivirus Filters at the Gateway- Mail, Server and Client locations |
|
|
Key Aspects of JIVA Security |
|
Multi Layered Approach |
|
Process Orientation to Security Management |
|
Regular Updating to Systems |
|
Independent and Continuous Audit |
|
24x7 Equipment Monitoring |
|
Well-defined Access Control |
|
|
Effective Segregation of Projects |
|
| Multi Layered Approach |
| This involves access control and security measures at all levels- physical, system, network devices and servers. Our anti-virus update and monitoring process is completely automated; operating on a maximum of 60-minute timing window for any new antivirus update from the Provider to all the systems and workstations. All personnel go through background checks and sign a confidentiality and non-disclosure agreement while joining JIVA |
Process Orientation to Security Management |
Some of the processes implemented by the JIVA Security Team include: |
|
Change Management- System Change Control |
|
Vulnerability Analysis and fixing each of these |
|
Patch Management and hot fixes application |
|
Incident Response Procedures |
|
Desktop Server Security Policies deployed |
|
Security Policies deployed for Network Devices such as Routers, Switches, Firewalls etc., |
|
|
Anti-Virus Central Management Policy implemented across three tiers: workstations, servers and at the gateway |
|
Log Monitoring carried out on a daily basis and regular auditing methods identified for the same |
|
Application Security implemented using controlled authentication and authorization with privileges |
|
Password Policy and Management implemented across multiple OS, Applications, Network equipments |
|
Clear desk and clean desk policies for all workstations |
|
| Regular Up-gradation to Systems |
We utilize MS-SUS Software Update Server to automatically update multiple Workstations and Servers as and when new patches and fixes are released. Maintaining the most recent system patch for all devices and systems post testing is one of key deliverables for our Technology Team.
|
| Independent and Continuous Audit |
JIVA Security & Risk and Compliance teams carryout regular well-planned monthly audits. They also track to closure any gaps found within the operations and technology teams.
|
| 24x7 Equipment Monitoring |
Continuous automated script-based alert mechanism for critical events on critical systems. We utilize 24x7 NOC services and daily log review to prevent occurrence of critical incidents.
|
| Well defined Access Control |
Need-to-use basis and business purpose determine the levels of user access to our systems and devices. There is restriction and control within project subnets and VLANs to specified users. There is restricted access to specified sub networks and workstations. This is decided strictly on the basis of pre defined policies and client authorizations for business needs.
|
| Effective Segregation of Projects |
Dedicated VLANs and Subnets are created for isolating client projects. Further restriction is imposed based on the role of the user involved. This is done using Domain level and Network level Architecture.
|
| Typical New Client Security Measures |
How do we segregate and provide security to a new client?
|
| Our approach to a new client on-boarding typically involves following measures (but not limited to these): |
|
Physical Segregation of the client resources |
|
User ID control for the client project |
|
Retention period and deletion of the client records |
|
Restricted access to email, web resources etc., |
|
Restricted access and controls at Desktop and Network levels |
|
Separate Unit within the domain and customized Windows group policy restrictions for the users serving the client |
|
|
Subnet, VLAN based segregation in the network |
|
Access control levels, privileges based on project timings for the day and the project role assigned |
|
Secure and audited Rule base at Firewall and L3 switches |
|
Well defined Access and routing lists at routers and LAN switches |
|
Site-to-Site VPN, SSL encryption etc to the client locations |
|
|
