729 Solutions is a custom software development shop that also provides operational services and migration of customer data from existing platforms to new platforms.
Whenever possible in the development, testing, and staging of software, the data used is not actual customer data, but is contextual mocked data.
However, there are instances where 729 Solutions has access to live customer data. This includes when we are migrating data for them, and when we are involved in operations work for our clients.
Information Security is an interconnected set of training, policies, practices, and oversight, including:
- An annual training session that presents the importance of keeping customer data protected.
- A written policy that defines 729 Solutions intent to proactively protect customer data that has been made available to us.
- An assertion by all 729 employees and contractors that they have read the policy and understand the need to protect customer data.
- A written procedure that defines how we protect customer data on our projects.
- A checklist, implemented for each active project, indicating the measures employed to keep customer data secure within that project.
- A periodic review of the Information Security implementation checklist on all active projects, by a Designated Security Officer.
The generally accepted standard for Information Security is known as the C-I-A Triad:
- Confidentiality - rules and practices that limit access to information
- Integrity - rules and practices that assure that the information is trustworthy and accurate
- Availability - rules and practices that ensure information is available to authorized personnel when needed.