Frequently Asked Questions
1. Will outsourcing to RightLogix mean I lose control over my processes?
RightLogix considers itself to be a strategic extension of your organization's capacity. Hence, we work the way you work. We provide you with long-term visibility into every aspect of our relationship, which allows you to retain control over your outsourced processes.
2. How do I verify whether the Privacy and Integrity of my customer data is protected?RightLogix has in place a stringent policy to ensure confidentiality of data. Strong physical, network and electronic security measures ensure that confidential data does not go out of the site. Infinite has partnered with Fortune 1000 firms for many years and we have not had a single instance of data or information misuse.
Based on client specifications, our employees sign a confidentiality agreement at the beginning of any engagement. We also adopt all additional measures required by clients.
3. Does possess the ability to understand my business, so that I can outsource effectively?
RightLogix’s Project Management Group and Domain Competence Team, together have 30+ years of experience in each of our key focus areas. This enables us to understand client businesses and requirements better.
4. How secure is the data sent across to RightLogix?
Any data sent to RightLogix by any client is treated with care and confidentiality. Internal mechanisms are put in place to prevent copying, limited access to internet/emails, and multiple levels of authentication. HIPAA conformance is enforced as a Business Associate through a full time HIPAA compliance officer. Movement of any physical media, print outs, soft copies are strictly controlled through physical security in addition to logical security policy implementations. Data backups are taken at a regular interval and these are stored at a remote location for facing any unforeseen eventualities.
5. What if the Internet access at RightLogix office goes down?
RightLogix has redundant leased lines for Internet access in a dedicated manner from two different ISP’s. If due to any reason one ISP goes down, we can comfortably operate through second ISP without much difficulty. Due care is exercised in choosing these ISP service provider’s to make sure that ISP’s have multiple sources of feeds instead of just one. Hence the risk is minimized.
6. How do you continue to service customers when some staff members leave the organization?
RightLogix has attractive HR policies to retain people at all levels. As a safety measure 15% extra trained workforce is employed to overcome any such contingency situations. Training is a continuous process, through which we train/cross train staff to handle multiple processes.
7. How does your pricing compare with respect to your competition?
RightLogix goes to great lengths to ensure that our pricing is at or below the respective market in order to permit prospective clients to make decisions based on the value of our services, experience, expertise and technological advantages.
8. RightLogix Is your system a mainframe or client/server application?
RightLogix application is a client server and web based application thereby improving usability, flexibility, and scalability as compared to mainframe systems. A major limitation of mainframe systems is that they do not easily support graphical user interfaces or remote access.
9. What are the various risk mitigation measures have considered for the data safety and privacy?
Risk Mitigation Measures
RightLogix has strategically designed a risk mitigation program, considering and encompassing all the requirements of its own business as well as of the business partners, and that proactively targets core cost drivers. Risk mitigation encompasses loss prevention, loss control, and claims management.
Our risk mitigation measures include the following:
Business Continuity Planning
RightLogix has strategic process that encompasses emergency response, crisis management, and business resumption planning
Construction and Fire Protection Management
Life safety and security construction and maintenance management services, construction plan review and inspection service, and construction observation
RightLogix has well defined HR & Six Sigma measures to respond to any crisis that may arise from Human Resource or Process Driven circumstances.
We at RightLogix have an established practice for ergonomic consultation as a pre-employment tool and a post-employment control for employee comfort and safety
Life Safety Evaluations
Assessments of both building systems and management features upon which reliance is placed for the safety of facility occupants.
Pre-emergency and Disaster Planning
Pre-emergency procedure development and planning for employee safety, facility and environmental protection, utility curtailment, operating continuity, after incident recovery, support agency interface, implementation steps and checklists, public liability prevention, etc.
Risk Control and Claims Management
Address pre-loss and post-loss risk mitigation and control issues, Security Alarm System Design & Analysis, developed at RightLogix to perform: client and project requirement assessments, site investigations; calculations; contractor performance monitoring (submittal reviews, RFI's, etc.); system acceptance testing, etc.
10. Are there any contingency models that RightLogix deploy to avoid loss of data?
RightLogix had developed and deployed various contingency methods so as to minimize the loss in unavoidable circumstances, if any. Some of them are listed as follows:
Data Backup Practice
Securing your data in today’s world is a must! One day you can be infected with a virus or your hard drive can stop working. That’s when you will thank yourself that your computer information has been securely stored on a backup. We have stringent policy to take regular Data Backup so as to avoid unpleasant circumstances. Our Network Administrators use hard disk image computer backup solution on daily basis. Backups are useful primarily for two purposes: to restore a computer to an operational state following a disaster (called disaster recovery) and to restore small numbers of files after they have been accidentally deleted or corrupted.
We have Dedicated Servers providing FTP facility with Backup and Recovery Strategies. We conduct a weekly remote backup to provide a fail safe version. Even if the data-center burns down, we will have a copy of data. use Secured Shell Layer tool for FTP Security, effective for Selecting User IDs and Passwords.
11. What are the Information Security and Data Privacy techniques followed in? What type of disaster plans do you have in place?
We at RightLogix understand the critical responsibility to have Information Security and Data Privacy of our client. We took great care to provide following mentioned techniques and measures:
a. Is certified under international data security and audit standards such as BS7799 or SAS70?
Information security and data privacy is increasingly becoming important and more so in the offshoring industry where confidentiality and integrity of data seems to be a concern for companies looking at offshoring. Infinite has acknowledged this fact and made a robust information security management system (ISMS) framework in line with BS7799 standard. We have tightly integrated (PPT) Processes, People & Technology to ensure that we meet the security standards. Our ISMS framework protects the information and data of our customers through a controlled process, checks and balances are in place to audit these processes. We at RightLogix are committed to the information security and proved to our customers that information and data are well protected.
b. What technology is used to deal with malicious attacks (encryption, firewalls, etc)?
Dial-in to our network is not allowed from outside and we do not allow access to LAN from outside using Internet. We allow selected employees to access outlook e-mails using VPN over Internet. To ensure an adequate and comprehensive ISM, monitoring controls such as password management and physical security were used to augment technical controls like firewalls and IPS. We have implemented Linux based Security Solution which include firewall / IDS Sensors / Syslog Server for managing the network devices. Syslog’s are maintained for period of one month. LAN is divided logically through VLAN’s according to the Project Requirements. We have created a separate VLAN for the management of all the Devices. Any configuration change is controlled by the change control process. All the security process is governed by our security policy manual.
c. Business Continuity & Disaster Recovery
In today's highly competitive environment, businesses need to continuously innovate to meet the expectations of their customers.
To deliver on this promise, RightLogix understands that it is imperative to maintain required level of customer service even in contingency situations. In order to face any contingency arising out of a disaster has developed a well thought out Business Continuity Plan (BCP). The business continuity plans have been designed to firstly prevent service disruptions and secondly to resume normal business operations in the shortest possible time. business continuity plans are tested and audited on a regular basis to ensure a high level of readiness at all times.
Business Continuity Plan aims to address the contingencies arising out of
Environmental / natural disasters
Organized / deliberate disruption because of act of terrorism, act of war, civil
Loss of utility services such as communication, power, etc.