For Newgen Managed Cloud Customers
Newgen’s system complies with the information security frameworks like ISO 27001, ISO 27017, ISO 27018, PCI-DSS, SOC 1 Type 2, SOC 2 Type 2, etc. which require preventive, detective, and corrective controls. As part of Newgen’s commitment toward cyber resilient systems, six-monthly external audits are conducted to get a reasonable assurance on the effectiveness of the implemented controls.
Following the Russian-Ukraine conflict, cyberattacks on government and businesses have increased exponentially. Considering the situation, cyber security agencies across the world have issued advisories for organizations to be more vigilant.
Following are some of the additional steps introduced
- Monthly vulnerability scan
- Verification of latest anti-virus signatures on all the assets
- Monitoring team put on high alert viz
- unexpected or unusual network behavior
- suspicious/rouge/blacklisted IPs
- unusual access pattern
- Increased contact with Special Interest Groups like CISA, ISACA, CSA, OEM, Security Forums, CERTs, etc.
- More frequent awareness campaigns for employees
- Close monitoring of third-party components, and related CVEs
Other controls include the use of two-factor authentication, patching, antivirus, frequent backups as agreed with the customer, annual DR Test, IDS alert and log reviews, employee training, etc.
Customers can refer Newgen’s SOC 2 Type 2 report for details.
Communication ID: CLO/CON/10032022/01