The TuEnlace Difference
Data handling is an important consideration when you outsource your business services. We are sensitive to this essential concern, which is why we take every possible care to guarantee the absolute confidentiality, integrity and availability of information we process, transact, and store. As a multinational company, we comply with the various data security regulations required by the different jurisdictions in which we operate.
Information Security Program
We maintain continuous compliance at our delivery centers. We provide PCI DSS Level 1 compliance operations for a range of clients with North American regulatory requirements plus Banking Level Regulatory Standard for Customers information management and storage.
Card Data Environment
Our facilities are staffed with professionals who are within the local quarantine zones to ensure that our certified programs are delivered from our secure card data environment, avoiding information security risks associated with telecommuting. All card data operators undergo a thorough background check conducted by a third-party service provider.
Training & Reinforcement
Our recurring training curriculum delivers ISMS, PCI DSS and Quality Management Standard (QMS) education to our workforce. Our staff are subject to local jurisdiction employment agreements that include strict non-disclosure, confidentiality and security provisions.
We utilize a Microsoft Active Directory-based server infrastructure with geographically redundant systems protected by external and internal firewalls to ensure compliance with PCI and related network segmentation requirements.
CCTV monitoring throughout our offices
Disaster recovery plans in all our offices
Biometric fingerprint reader system and/or Radio Frequency Identification (RFID) to restrict access
No printers, USB pen drives, CDs/DVDs, any computing or storage device inside the production floor
Company badge requirement for all staff
Systems & Servers
High security data servers are located at data centers in USA with 2 more servers redundancy for disaster recovery plans.
Computer networks are safeguarded by many levels of software and hardware firewalls
Computer monitoring software and password for every computer user
Online file transfer system with 256-bit encryption
Periodic vulnerability and penetration testing Intruder detection system
Strict nondisclosure and confidentiality agreement
Comprehensive background verification check
Independent security clearance
Periodic training on information security
Regular information security campaigns and audits
Robust information security policies and strict implementation, with possible sanctions leading up to termination for any violation