Technical Security
Security within IRIS is of paramount
importance. All data and software systems within IRIS are
restricted to employees by password and security groups. These are
closely monitored on a regular basis.
IRIS data is backed up to a regular
schedule. These backups are collected daily by a third party data
backup supplier and are stored off site in secure fireproof vaults.
In addition to the above security, all sites implement the
following policies
- All servers are built using RAID and Mirrored Disk as
standard
- Microsoft Windows standard security features are fully
utilised
- All IRIS users have individual user IDs and complex passwords
to access IT systems
- Server and communications rooms have restricted
access to key individuals
- All systems are monitored for potential security
violations
- Anti-virus software is installed as standard on all PCs and
IRIS email servers
- Internet access is strictly controlled and monitored
BACS
We are audited by BACS which assesses our
security in the BACS processing areas of our organisation.
Contingency
IRIS has multiple sites at different
locations throughout the UK, which allows work to be redirected to
alternative sites when required.
In addition to this contingency, IRIS have
formalised Bureau Disaster Recovery procedures in place, which are
reviewed, tested and maintained at periodic times throughout the
year. Disaster Recovery procedures are documented at both overview
and detailed levels. Formalised contracts are in place between IRIS
and a Disaster Recovery supplier, whereby office space and IT
systems can be utilised upon request.
Uninterruptible Power Supplies (UPS) are
used at all sites to allow safe and controlled closedowns in the
event of power failures.
