POLICY - OVERVIEW
TeamScreen's Security Policy operates at three levels: 1)
Physical security; 2)
Operational security; and, 3)
Systems security. TSS recognizes the highly sensitive nature
of the information being handled through its systems as well as by
its personnel on a daily basis. Thus, the controls and procedures
that TSS has implemented help to assure the security of that information
as well as the physical systems underlying its operations. Each of
the three levels is intertwined with the others to assure a comprehensive
approach to the overall security of TSS.
TSS's physical security begins with the physical premise in which
it offices as well as the Network Center hosting its network equipment.
The building is monitored 24/7 and has restricted cardkey access
during non-business hours. Once inside the main building doors,
the office is protected by a separate cardkey system with intrusion
monitoring and web camera monitoring. Finally, the Network Center
has restricted cardkey access that requires a separate permission
level than the main office area.
Within the office area, all sensitive files are maintained within
locked file storage. Office computers do not store sensitive material
on local hard drives to prevent possible unauthorized access. Any
paper item slated for disposal is shredded prior to disposal.
TSS's operational security begins with proper training for personnel
regarding the handling, processing, storage and disposal of confidential
search information. Security awareness is reflected in the handling
of all client information and search submissions and results.
Each client has separate electronic and physical file structures
to ensure separation of information. Only individuals directly involved
in providing TSS client services view search requests and results.
Physical files are maintained in locked file storage when not being
processed. Obsolete paper files are destroyed via shredding prior
to disposal. Electronic files are stored within the system database
indefinitely for subsequent retrieval and compliance purposes.
Facsimile communications are handled in a secure location with
restricted access. All received facsimile communications are initially
received on a facsimile server to ensure privacy. Authorized personnel
retrieve the facsimile transmissions from the server for processing.
Workstations operate Microsoft Windows XP that allows for security
control of the local unit. All workstations are locked upon a preset
inactivity time-out to ensure the prevention of unauthorized viewing
of search requests and results.
TSS systems security is integrated into the software at the base
level. Authorization categories are established for all users with
permission levels set based on individual access criteria. The system
Username and Password protection is supplemented with control logs
and transaction logs that record activity within the system.
All search transactions, both submissions and retrievals, occur
via a secure Internet connection that is protected by Secure Socket
Layer 128-bit encryption for privacy. E-mail communications can
also be secured with encrypted transmission and digital signatures
to ensure tamper-resistant communications.
All system network servers are located within a secure physical
environment and further protected with login security for administrative
access. Back-up/disaster recovery files are maintained on high capacity
magnetic tape and CD ROM systems that are rotated off-site to a
secure location that is monitored for intrusion detection and fire