At MarbleBox, your data security is our top concern. We understand the importance of safeguarding sensitive information, which is why we’ve built an impenetrable shield around it.
Our 8-layer security approach, the Marble Box Armor, is designed to ensure your data stays safe, always.
MARBLE BOX
8 Layers of Security that Keep Your Data Safe
Our security infrastructure is designed to protect us from all angles. Here's how we ensure your data remains secure:
Network Security
Segmentation and classification of the network are implemented using Next-Gen Firewalls with SSL/TLS encryption.
The firewall is powered by an Intrusion Prevention System (IPS), sandboxing, certificate inspection, DoS attack protection, and more.
Secure data transfer is ensured with SSL/TLS encryption, and unauthorized access is restricted through strict access controls.
The network is segregated into internal, perimeter, and public zones, with only essential services enabled to minimize the attack surface.
People Security
Background checks are conducted for all employees, and security training is mandated during onboarding.
Regular training sessions are conducted, covering phishing, spyware prevention, physical security, and incident reporting.
Non-disclosure agreements (NDAs) are signed by all team members to ensure confidentiality.
Employee activities are monitored in real time using centralised tools for compliance purposes.
Email Security
Advanced Threat Protection tools, like Microsoft Defender, are used to guard against zero-day malware, ransomware, and spear-phishing.
DMARC, DKIM, and SPF protocols are implemented to authenticate email senders and prevent domain spoofing.
Mobile Device Management (MDM), Intune, and DLP policies are in place to monitor, detect, and block the transmission of sensitive data via email.
Sandboxing tools are used to inspect email attachments in an isolated environment before they are delivered to users.
System Security
Active Directory policies, strong alphanumeric passwords, and two-factor authentication (2FA) are enforced for secure access.
AES 256-bit encryption is applied to all systems, and the use of mass storage and removable media is restricted and monitored.
Critical updates, patches, and application whitelisting are centrally managed to ensure system integrity and reduce vulnerabilities.
Endpoint threats are mitigated using centralised endpoint solutions, EDR solutions, and secure boot processes.
Physical Security
Biometric access controls, 24/7 CCTV surveillance, and on-site security personnel are used to secure office premises.
Entry to production floors is restricted, with mobile devices prohibited in sensitive areas and lockers provided for storing personal belongings.
Visitor access is limited, pre-approved, escorted, and verified through identification checks.
Emergency response plans and periodic drills are conducted to ensure preparedness for incidents like fire or natural disasters.
Data Security
Access to sensitive data is limited by enforcing least privilege, and employee activities in production environments are logged.
Data is encrypted using AES 256-bit standards, and obsolete data is securely erased in accordance with industry practices.
Emails are secured through Microsoft 365 encryption, and credentials are secured with a password management system.
Data Loss Prevention (DLP) policies are implemented to monitor, detect, and prevent the unauthorized sharing of sensitive information.
Threat Prevention
Advanced threats are mitigated through behavioral analytics, anomaly detection, and continuous monitoring by a dedicated 24×7 SOC team.
External and internal threats are proactively monitored using SIEM and XDR systems, ensuring real-time detection and response.
Threat intelligence feeds are utilized, and incident response plans are regularly tested and updated to address emerging risks.
Endpoint threats are isolated, and containment mechanisms are deployed to prevent the spread of detected threats.
Security Compliance
ISO/IEC 27001:2022, SOC2-Type2, and HIPAA certifications are maintained through periodic internal and external audits.
Vulnerability assessments (VA), penetration tests (PT), and ransomware simulations are conducted periodically to ensure robust defenses.
Audit trails documenting changes to infrastructure and client data access are maintained comprehensively.
Compliance training programs are conducted regularly to ensure all employees are aware of the latest regulations and industry standards.
With our 8-layer security approach, you can trust that your information is in the best hands.