Data Security

BRG’s Data Security Policies


  1. All connections to the outside world goes through a Firewall and is monitored and maintained on a regular basis.
  2. All system passwords are complex and changed on a regular basis
  3. All data is stored on redundant servers and backed up on a regular basis
  4. Data that is transmitted across public networks are encrypted
  5. All systems are protected against malware and viruses with regular updates to anti-virus software
  6. All systems and applications are updated regularly for security updates
  7. Systems and processes are limited by security groups – based on need to know and job responsibilities
  8. Each user with access to data has a unique user ID and a complex password that changes every 90 days.
  9. System screens lock after 3 minutes of inactivity
  10. We enforce a clean desk policy that states that sensitive information is never left unattended, never within plain view and is stored within a locked cabinet inaccessible but to authorized individuals.
  11. Data is destroyed securely by shredding it
  12. Systems track and monitor all access to the network
  13. Surveillance systems are installed
  14. All security systems and processes are tested for failure on a regular basis
  15. All Staff is informed of these policies and have signed a written agreement to uphold them
  16. All business partners and hosting providers adhere to these policies