Scherzer International’s Data Encryption Policy requires encryption to protect any data containing sensitive/proprietary data.
Data at rest (the device is not powered-on)
Data at rest should be protected by one of the following
Strict access controls that authenticate the identity of those individuals accessing the Microsoft Windows best practices suggestions.
Password protection instead of encryption is not an acceptable alternative to protecting sensitive/confidential information.
Systems that store or transmit personal information must have proper security protection, such as antivirus software, with unneeded services or ports turned off and subject to needed applications being properly configured.
As a general practice, SI doesn’t use removable media since we back up to Microsoft’s network.
Removable Media including, but not limited to, USB thumb drives, removable hard drives, CD-ROMs, DVDs, and other media are NOT to be used in transporting information containing PII.
If a client requests sensitive/confidential information for their search subjects, the Removable Media receiver must be identified to ensure the person requesting the data is the one claimed.
SI doesn’t allow for Cloud-based services outside of the company-issued Microsoft One Drive. Cloud services such as Google Drive, Box, DropBox, or non-SI issued Microsoft OneDrive accounts to be accessed on the Scherzer network.
Personal Email Accounts
SI doesn’t allow for web-based email services such as Outlook/Hotmail, Gmail, Yahoo, or other non-SI issued email accounts to be accessed from within the Scherzer network.
All the fields in a database that contain sensitive/proprietary data must be encrypted to 256-bit encryption.
Databases under NO circumstances are transported via laptops or removable devices such as a removable hard drive, optical drive, or other media.
Transmission Security (Data leaving the SI network)
All emails and data with sensitive/proprietary data transmitted outside the Scherzer International network must be encrypted and truncated (e.g., social security numbers being identified by the last four digits).
Any sensitive/proprietary data transmitted through a public network (the Internet) to and from vendors, customers, or entities doing business with Scherzer International must be encrypted or sent through an encrypted tunnel or HTTPS minimum 256-bit SSL encryption. Sensitive or proprietary data must be transmitted through a tunnel encrypted with the Scherzer VPN with point-to-point tunneling protocol (PPTP)
Transmitting sensitive/confidential information through personal web email programs or service accounts is not allowed.
Using chat programs or online peer-to-peer file-sharing programs is not allowed.
Wireless (WIFI) transmissions must be encrypted using WPA2 Enterprise encryption.
Sensitive/proprietary must not be stored on portable devices, including but not limited to laptops, smartphones, digital audio players (iPods), removable hard drives, USB thumb drives, and the like.
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
The technical storage or access that is used exclusively for statistical purposes.The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.