Adastra Bulgaria Management Commitment to Information Security
Adastra Bulgaria considers Information Security as one of the top organizational priorities. This way the company maintains high client confidence in our ability to deliver not only outstanding quality services, but also to protect their information by having in place proper safe guards in terms of processes, tools, and reliable infrastructure.
The following Information Security principles provide governance for the Adastra Bulgaria Information Security Management System:
- Confidentiality: All Information Assets (IA) can be seen/accessed only by people who are authorized to access it;
- Integrity: Changes to IA are allowed only to authorized users and all changes are tracked;
- Availability: IA are accessible when the authorized users need them.
In order to have the above three IS Principles applied to all Adastra Bulgaria activities, the company maintains:
- Balanced protection: The level of protection of the IAs is based on the classification of their criticality and confidentiality;
- Independent protection for the most critical IAs: several protection mechanisms are implemented e.g. multifactor authentication plus encryption and access locking when idle. This way, we minimize the risk of unauthorized access or modification of the IAs;
- Emergency plan in the case of failure to minimize the actual consequences when a failure occurs: different strategies, e.g. Business Continuity Planning and backup and recovery are applied to the most critical company assets and processes;
- Segregation of duties: the people who request access to the information assets are not the people who authorize the access;
- Minimum privileges for everyone needed to carry out their responsibilities. Changes in the assigned privileges are done only according to changes in the responsibilities
Adastra Bulgaria Management team is committed to ensuring that:
1. Adequate security controls are in place to protect information and data processed in all company activities, including, but not limited to:
- Business development;
- Account Management and Project delivery;
- Human Resources and Talent Management;
- Finance, Accounting and Administration;
- IT & Infrastructure.
2. All this controls are properly monitored, reviewed for operational effectiveness, and continually improved in order to maintain the highest possible level of protection of all available company and client information assets.
The Adastra Bulgaria Management Team