Security, IT and Infrastructure
Working in Accordance with Global Standards of Information Security and Data Protection
Global standards of information security and data protection.
Pathquest is an ISO 9001:2015 certified company. The ISO 9001:2015 is the international standard for quality management system. This certification ensures that we meet the required standard of Customer focus, Leadership, People Engagement, Process driven approach, Process Improvement, Evidence-based decision making, Relationship Management in all our core functions.
Pathquest is an ISO 27001:2013 certified company. The ISO 27001:2013 is the international standard for ISMS – Information Security Management System. This certification ensures that we meet the required standards for information security policies, physical security, environmental security, asset management, compliances and a host of other standards that we meet for establishing, implementing, maintaining and continually improving an information security management system.
Our physical infrastructure set-up process ensures that we are able to achieve the following primary goals
Best-in-class infrastructure deployment
Industry best standards of security
Continuous review and improvement
We have implemented the below to meet our physical infrastructure objectives.
Fixed office and workstation for every employee
24/ 7 surveillance through CCTV cameras
Necessary fire safety equipment in place.
Mobile phone restriction
No cell phones allowed on the floor. Cell phones stored in the lockers outside the office.
Access Control Systems
Entry to every floor restricted only to employees stationed at the particular floor through biometrics access control
Restriction on printing of documents
Access granted to team leads and above
- Desktop and other technology infrastructure in place with latest configuration
- Computers and other equipment scraped and replaced every three to four years
- Dual leased line internet links to ensure 100% uptime.
- PathQuest facilities have multiple backups through UPS (Uninterrupted Power Supply) systems and diesel generators.
- Phone Communication: CloudPBX (Ring Central)
- 24/ 7 IT support Help desk management system
- Software used like Remote PC, Zoom, Go to Meeting, Microsoft Teams
- Taxation Software: Drake, ProFx, Pro Series, Lacerte
- Accounting Software: QuickBooks Desktop, QuickBooks Online, XERO, SageIntacct etc.
Security Control Policies
SSL VPN for Work From Home
Website Filtering, Content Filtering on Firewall
Systems are password protected
Group Email ID by client
Folder rights based on client allotment
Internet browsing restricted by firewall
Whitelisting domain – only authorized person can send out an email
No USB access or any other external drives
No office wi-fi access on cell phone
Access to Client’s data and Server
Access to Client’s server in secured environment through VPN / Secured RDP / Citrix
Access for Client’s data to only those users who are working on the client’s account
Restricted user profile for the users based on their roles
Accounting System access protected through password
Accounting System rights assigned as per the role of the users
Many of our clients prefer to send the documents to PABS team through dedicated Group e-mail ID, dedicated fax number or Secured FTP
Data Security Measures
Establish strong passwords
This measure is to define strong password. Passwords are combination of capitals, lower-case letters, numbers, and symbols.
We have high availability of firewall to protect our network. Firewalls policies are configured to have complete control on incoming and outgoing internet traffic in our network.
Antivirus and anti-malware in place to protecting our company Data. It has strong capabilities to prevent, search for, detect and remove viruses but also adware, worms, trojans, and so on.
Secure every device
Laptops are portable so there is a higher risk that they can be stolen so we have disk level encryption across our devices to encrypt all the data. In doing so, without the right password, our computer’s Data is unreadable.
All computers are regularly patched and updated by centralized update server.
Schedule backups on defined frequency as per data backup policy.
Educate employees about Data Security
We believe Prevention is the best way to keep our Data safe. We provide regular trainings to our employees about data security awareness.
PathQuest Security Program (Policies and Procedures)
Acceptable Use Policy
This policy stipulates the constraints and practices that an employee using organizational IT assets must agree to in order to access to the PABS network or the internet. It is standard onboarding policy for new employees.
Access Control Policy
Change Management Policy
Information Security Policy
Incident Response (IR) Policy
Remote Access Policy
Disaster Recovery Policy
Business Continuity Plan (BCP)